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ABSTRACT 


An understanding of the mathematical properties of Petri Nets is 
essential when one wishes to use Petri Nets as an abstract model for 
concurrent systems. The decidability of various problems which arise 
in this context is an important aspect of this question. The fact that 
these problems also arise in the context of other mathematical theories, 
such as commutative semigroups, closure under linear relations, 
Matrix Context-Free grammars, or Weak Counter Automata, provides 
further motivation. 


The Reachability Problem for Vector Addition Systems - whose 
decidability is still an open question - is of central importance. We 
show that a number of Petri Net problems are recursively equivalent to 
this problem, These include the Liveness Problem (e.g. can a given 
system reach a deadlocked state?), the single-place reachability problem 
(can a given buffer ever be emptied?), the persistence problem (can a 
given transition ever be disabled by the firing of another transition? ), 
and the membership and emptiness problems for certain classes of 
languages generated by Petri Nets. 


The power of the unrestricted Petri Net model is illustrated by 
various undecidable equivalence results. In particular, we show that the 
equality of Reachability Sets and the equivalence of two Petri Nets in 
terms of their language-generating capability are recursively undecidable. 


It is hoped that the constructions used to prove our results will shed © 
Some light on the source of the complexities of the unrestricted Petri Net 
model, and may eventually permit us to achieve an optimal balance 
between representational transparency and analytical power of the Petri 
Net model. 
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CHAPTER 1 
INTRODUCTION 


1.1 Petri Nets and Concurrent Systems 


Petri Nets are best known as a graphical tool for the representation 
and analysis of concurrent or parallel systems, They originated from 
the work of C. A, Petri [54] in Germany in 1962. They were introduced 
to the U.S.A. by A. W. Holt in 1966. The notation most commonly 
used is also due to Holt [27]. In 1970 the interpretation of Petri Nets 
was generalized to permit unboundedness, such as occurs in a priori 
unbounded buffers (Holt and Commoner [28]). Further generalizations - 
to what we call "Generalized Petri Nets" - were proposed around 1972 by 
several people, including Commoner [8 J, Keller [34] and the author. 

We have shown in [18, 20] that these Generalized Petri Nets can them- 
selves be suitably modelled by "ordinary" Petri Nets (1970 definition), so 
that the generalization essentially only buys modelling convenience, not 
more modelling power. 

A Petri Net describes a concurrent system by expressing the relation- 
ship between elementary actions performed by the system and the 
resulting local change in the state of the system. In contrast to 
traditional automata theory, the state of a concurrent system is a 
structured entity, and 'local change" means change to a specific 
structural component of the state of the system. Such local state 
changes can occur concurrently - that is to say, in a temporally independ- 
ent fashion, where the concept of simultaneousness may be ill-defined - 
and thus the concept of "total system state'' may also be ill-defined, 
except as an abstraction (imagine counting a moving crowd!). But this is 


a philosophical issue which need not concern us here. 
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If we want to use Petri Nets as a model for concurrent systems, we 
must provide anaiynical tools to answer the kind of questions we would 
like to ask about the concurrent systems. This implies a knowledge of 
the mathematical properties of Petri Nets. 

To date, the mathematical properties are well known only for 
certain restricted classes of Petri Nets. In their full generality, there 
are still many unsolved problems. Even for bounded systems (where 
the number of possible configurations is finite) - which in theory can be 

' grossly described by Finite State Automata - the problems are 
untractable, because the notion of total system state simply does not 
reflect the structure of the system, aside from any consideration of size. 

We shall investigate the decidability of some important questions about 
the mathematical properties of Petri Nets. Specifically, we shall study 
whether there exist algorithms for testing whether a given Petri Net has 
a given property or not. For some properties, we can directly exhibit 
an algorithm for testing for them, but our main technique consists in 
proving the recursive reducibility of one problem to another: We show 
how to effectively construct an algorithm for one problem if we are given 
an algorithm (or an oracle") for the other, 

We believe that the techniques and constructions used in our proofs 
can also be very useful as general analytical tools for studying Petri 
Nets, because the reducibility proofs illustrate fundamental relationships 
between the various mathematical properties of Petri Nets. This is 
true even in the case of bounded systems, where decidability is a moot 
question, because the parallelism inherent in Petri Nets permits the 
representation of exceedingly complex finite-state systems by compara- 


tively small Petri Nets. In fact, the complexity of bounded Petri Net 


215 


constructions can be just about as bad re for unbounded constructions. 

It therefore appears that resolving the open decidability questions is 
not an end in itself, but a means for providing understanding and 
analytical tools for further questions of greater importance to the 
modelling of concurrent systems: 

- Which restrictions are to be imposed on the general case to keep 
the complexity within bounds, and yet be able to model as 
extensive a class of systems as possible? 

- Given suitable restrictions, which structural properties are 
important to an analysis of behavioural features of the system? 

- What analytical procedures are to be used to relate such 


behavioural features to the identified structural features? 


But there are also direct reasons for studying these decidability 
questions. The motivation does not come from concurrent system 
modelling, but rather from Automata Theory, Formal Language Theory, 
and Discrete Mathematics. Several open decision problems in these 
areas are related to the decision problems for Petri Nets. Also, Petri 
Nets can be formulated as a mathematical theory so simple that every 
undecidability result is surprising, and may shed some light on the 


minimal requirements to produce undecidability, 


1.2 The Computer Science Motivation 
Since 1963 (Estrin and Turn [13], Karp and Miller (33), various 


formal systems have been developed for the purpose of modelling 
Concurrent Systems or Parallel Programs. The objective has been 
to provide models capable of answering questions peculiar to the notion 


of concurrency, such as non-determinacy, deadlocks, competition for 
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resources, critical and noncritical races, etc. These behavioural 
questions can often be related to structural questions about the 
concurrent system, such as decomposition into interacting components, 
the existence of critical substructures, global and local structural 
constraints, and the like. 

The ease with which this modelling task can be accomplished depends 
heavily on two factors: Model transparency and analytical power. 

The first factor is the ability to relate structural features of the model 
to corresponding structural features of the concurrent system 
represented by the model. The second factor is the ability to use the 
model for answering questions about the concurrent system. It depends 
not only on the model itself, but also on the mathematical tools that are 
available to extract the desired information from the model. 

When modelling parallel programs, a distinction is usually made 
between data flow and control flow. Program Schemata treat this discip- 
line as a whole, and are uSed to answer questions about determinacy, 
functional equivalence, data access conflict, and the like. We wish to 
abstract further, and consider only the control aspect of parallel 
programs, i.e. the set of possible execution sequences without regard to 
the functional composition involved. For example, the control aspect | 
of Karp and Miller's Parallel Program Schemata [ 33] and of Slutz' Flow 
Graph Schemata [60] is analyzed by these authors using Vector Addition 
Systems. 

We have shown [18, 20] how Petri Nets and Vector Addition Systems 
can fully represent each other, and thus all questions concerning one 
System can be answered by studying the other. 


Among parallel programming language constructs are Dijkstra's 


Se 


Semaphore operations [12] and communication primitives such as fork 
and join. We shall only be concerned with the Semaphores and the 
poSition of the control loci in the various parallel processes; in a sense, 
we disregard all statements except P, V, goto (or while, with an 
undeterminate predicate), create and quit. Semaphore systems can be 
peovedsnied by Petri Nets (R. c, Holt, 1970 [29]; Patil, 1971 [51 ]); 
other references on the use of Petri Nets to represent parallel program 
control are [37, 38, 58,59]. Here, the main problem of interest is the 
prevention of deadlock, a subject which has been extensively studied by 
R. C. Holt [29]. This corresponds to the Liveness Problem for Petri 
Nets, which is one of the open decision problems we Study in this thesis. 
Another field where Petri Nets have been useful is that of Asynchronous 
Control Structures (Dennis [11]). Some formalisms correspond to restric- 
ted classes of Petri Nets (Patil, 1969 [48} Bruno and Altman, 1971 [5]; 
Jump and Thiagarajan, 1972 (31, 32]); some are slight variations (Patil, 
1970 [49]; Noe and Nutt, 1972 [45]; Grandoni and Zerbetto, 1973 (15]);and 
others are quite general, such as Keller's Transition Systems and Vector 
Replacement Systems [34]. An extensive bibliography is given by 
Miller [42], who has also studied the relationship between some of these 
formalisms [43]. The interconnection of Asynchronous Modules by 
buffers has been studied by Patil [50]; such interconnections already 
generate structures with the complexity of Petri Nets in their most 
general sense. Problems of deadlocks are also important here; in 
addition, we would like to determine if a particular control state can be 
reached from some initial state. This is the Reachability Problem. 
This problem turns out to be the central decision problem, and it is not 


known whether it is decidable or not. Indeed, we do not know, in 
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general, | whether the set of control states reachable from some initial 
configuration of the system is recursive or not. 

To the extent that Petri Nets can represent the various formalisms 
presented so far, the decision problems for Liveness and Reachability 
are of concern to the computer scientist. But his main motivation in 
studying these problems is the insight this study may give into the 
structural and mathematical properties of his formalisms, as mentioned 


in the previous section. 


1.3 The Mathematical Motivation 

Vector Addition Systems - and therefore Petri Nets - turn up in 
several areas of automata theory and formal language theory. Minsky 
defined Program Machines (also known as Register Machines or Counter 
Automata) [43], which consist of a series of counters and a finite control 
which can increment or decrement individual counters and test individual 
counters for zero. If we have non-deterministic control and drop the 
zero-testing capability, we get a class of automata equivalent to Vector 
Addition Systems, which we call Weak Counter Automata [24]. (Baker [4 ] 
calls them Restricted Nondeterministic Counter Automata,) They are 
intimately related to the notion of weak computability as defined by Rabin 
[4.56]. Whereas Minsky's Counter Automata can compute any partial 
recursive function (the arguments are the initial values in a set of input 
counters; the result is the contents of an output counter when the 
automaton halts), Restricted Nondeterministic Counter Automata can 
weakly compute a large class of arbitrarily fast growing monotonic 
primitive recursive functions - in particular, polynomials with non- 
negative integer coefficients (the output in a weak computation is the 


upper bound on the contents of the output counter over all possible (non- 
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deterministic) computations starting on a given input). This fact has 
enabled Rabin to prove the first known undecidability result about Vector 
Addition Systems. Following Rabin, we shall present the notion of 
weak computation by Petri Nets (Chapter 6), which we use to prove 
Rabin's result (Chapter 7) as well as some of our own undecidability 
results ( Ghsptee 10). 

The similarity between Petri Nets and Counter Automata can also 
be used to show how simple modifications to the firing rule, such as 
"zero-testing" arcs or "priority" firing rules, can dramatically increase 
the power of Petri Nets to equal the power of Turing Machines 
(Agerwala [2 ], Hack [24]). Many results in complexity theory about 
Vector Addition Systems and Petri Nets are also based on this relation- 
ship (Cardoza [6 ], Lipton [39]). 

Van Leeuwen [63] has also studied the Reachability Problem for 
Vector Addition Systems, and points out that it is related to the recursive- 
- ness problem for Matrix Context-Free Languages, which differ from 
ordinary Context-Free Languages by the fact that the rules of the 
grammar are grouped in "Matrices", and all rules in one matrix must be 
applied in sequence, or else the matrix cannot be applied at all; the 
empty string is also allowed as a replacement for a nonterminal (other- 
wise the language would be trivially recursive), Also see Abraham [1 ], 
Crespi-Reghizzi and Mandrioli [9 ], Van Leeuwen [62]. This is one 
example where decidability itself is an issue: Any proof of the decida- 
bility or undecidability of the Reachability Problem for Petri Nets will 
also settle the emptiness and recursiveness problems for Matrix Context- 
Free Languages and, conversely, further research in that area may 


settle the Reachability Problem as well as the various Petri Net problems 
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that will be shown to be recursively equivalent to it. 

There are in fact several ways in which Petri Nets are related to 
Formal Language Theory. As pointed out by Keller [34] and Crespi- 
Reghizzi [9 ], a Vector Addition System (in fact, a slight generalization 
_ thereof, due to Keller) can be considered as a commutative Semi-Thue 
System, and vice versa, A path in the Vector Addition System, or a 
control sequence in a concurrent system modelled by a Petri Net, 
corresponds in the Semi-Thue system to a derivation generating the 
vector or control state reached by that path or sequence. 

A different approach has been taken by Baker [3 ], Peterson [52] and 
this author [24], Instead of looking at the Petri Net as a grammar, let 
us look at it as a language-generating device. Each event occurrence - 
in addition to changing the control state of the system - also generates 
a symbol from some alphabet. We shall study the decision problems 
associated with these "Petri Net Languages" in Chapters 8, 9 and 10. 

Another mathematical system equivalent to Petri Nets is the study of 
sets of integers closed under sets of linear relations of the form 
R,, b= { x, y) |ax = by} for integers a, b, x, y. Thus, the Reachability 
Problem is decidable iff’, for any finite set of pairs of integers (a, b.), 


the closure of the set {2} under the linear relations R as defined 


a., b.’ 
i 
above, is effectively a recursive set. (Hack, 1973 [19]) 
Vector Addition Systems themselves can be formulated in the language 
of the mathematician. Let A be a commutative (additive) semigroup. 


A relation R © A? is said to be compatible iff ya € A: ‘x, y) eR = 


(x+a,yt+a) €R. The object is to study subsets of A closed under 


"iff" is a common abbreviation for "if and only if". 
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compatible relations. If A is finitely generated and finitely presented, 
and R has a finite number of minimal elements, we get Vector Addition 
Systems (Hack, 1974 [22]). Keller [34] and Van Leeuwen [63] have 
also nbinted out that a restricted form of the Reachability Problem is 
related to the word problem for finitely generated and finitely presented 
commutative semigroups, and Cardoza [6 ] has studied this problem in 
terms of its computational complexity. 

These examples show the possible impact of a solution of the decida- 
bility problems for Petri Nets. In contrast to the computer scientist, 
the mathematician may benefit from this result directly, and may be 
_ uninterested in the relationship to the behaviour of some underlying 
concurrent system, . 

We do in fact take this point of view in some of our proofs, where we 
use transformations which do not significantly change the set of reach- 
able control states of some modelled concurrent system, but which 
behaviourally correspond to a total elimination of concurrency. 

On the other hand, existing mathematical results in, say, the theory 
of commutative semigroups, may be helpful in some of our future proofs 
(for example, the first order theory of a given finitely generated commuta- 


tive semigroup has been shown to be decidable by Taiclin [61]). 


1.4 Object of this Thesis 


In this section we shall briefly describe Petri Nets in the form in 
which they are used most frequently. But, before proceeding, we would 
like to state our bias in the approach to Petri Nets presented in this 
thesis. 


Different people may have widely different views as to what 
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constitutes a Petri Net. To Carl Adam Petri, the Nets that we - and 
the computer scientists and mathematicians mentioned so far - use are 
only a very restricted interpretation of a much more primitive and 
general concept ultimately rooted in topology [55], a concept which at its 
coarsest level expresses the duality between actor and action, and at the 
finest level projects this duality into a geometry of the universe not 
unlike Minkowski's world lines and the conceptual pair force vs motion. 

Our intentions are much less ambitious. We may use the semantic 
interpretation of concurrent systems modelling to motivate the various 
problems we wish to study, but in effect we wish to regard a Petri Net 
as a mathematical object, which can be defined and represented in a 
number of ways, depending on which properties of the model we wish to 
study. Thus, our vocabulary will be mainly that of sets and relations, 
although we also freely use the mental image of the Petri Net as a 
dynamic object, where things happen (occur), as in a concurrent system 
for example. This is actually the same attitude as that of a 
mathematicjan studying automata theory. 

A Petri Net, as defined by Holt in 1970 [28], is a directed bipartite 
graph whose two vertex types are places, drawn as circles, and 
transitions, drawn as bars, This graph represents the structure of a 
concurrent system to be modelled: Certain collections of places may 
correspond to specific components in the system, The transitions then 
correspond to certain actions in the system which involve those 
components that contribute the places to which a transition is attached. 

The state of a system component is deachiped by a distribution of 
markers, or tokens, in the places corresponding to that system 


component; the occurrence of some action, which changes the state of 
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certain components, is modelled by the firing of a transition. This is 
done as follows: 

A marking for a Petri Net is a function which assigns a non-negative 
integer to each place in the net; it can also be visualized as a vector of 
non-negative integers, each dimension corresponding to a specific place 
in the net. The marking expresses the distribution of markers over the 
places in the net at a given time: it indicates the number of tokens 
(possibly zero) on each place (drawn as dots inside the circle). 

A transition is said to be firable iff every place which (in the directed 
bipartite graph) is connected to that transition by an arc pointing to the 
transition (input place of the transition) contains at least one marker. 
This expresses the system Situation where the local configuration is such 
that all resources or enabling conditions for the action represented by 
the transition are available. A firable transition may fire; this changes 
the marking by removing one marker from each input place, and adding 
one marker to each output place (i.e. places connected to the transition 
by an arc pointing to the place). This models the occurrence of the 
enabled action in the system, and expresses the corresponding local 
change of configuration. In the case of a Petri Net used to recognize or 
generate a Petri Net Language, this transition firing can also be thought 
of as reading the corresponding symbol from an input tape, or printing 
the symbol on an output tape. 

All our results will in fact be proved for the class of Generalized 
Petri Nets, which differ from the Ordinary Petri Nets described above 
only in the fact that the underlying graph is a directed bipartite multi- 
graph, i.e. there may be a bundle of one or more arcs from a given 


place to a given transition, or from a transition to a place. The firing 
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rule is such that each arc carries one token, So that a transition requires 
a token for each input arc to be enabled, and may remove or deposit 
several tokens in one place when it fires. 

A simulation of the model then consists of a sequence of transition 
firings leading from a given initial marking to some reachable marking. 
The reachability set (also called marking class) is precisely the set of all 
markings that can be obtained after some firing sequence from a given 
initial marking. 

The Reachability Problem (RP) is the problem of deciding whether a 
given marking is reachable (is in the reachability set) in a given Petri 
Net with a given initial marking. That is to say, in the concurrent 
system modelled by the Petri Net, we would like to know whether a 
particular configuration of the System can ever occur during operation. 

The Reachability Problem refers to the total system state. Oftena 
more meaningful question is whether a certain part of the system can 
ever ie brought into a given local configuration by a sequence of actions 
starting from the initial configuration. In the Petri Net we ask whether 
any marking whose restriction to a given subset of the places is given 
can be reached from the initial marking. This is the Submarking 
Reachability Problem (SRP). 

A special case of the RP is the Zero Reachability Problem, or ZRP, 
which asks whether all tokens can be removed from the net by some 
firing sequence. A special case of the SRP is the Single-Place Zero 
Reachability Problem, or SPZRP: does there exist a reachable marking 
in which a given place contains no tokens? Surprisingly, this very 
particular form of the Reachability Problem is recursively equivalent to 


the full Reachability Problem. When modelling a concurrent system, 
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' 


this is the question of whether a given buffer can ever be emptied, or 
whether a given semaphore will ever reach zero and thus cause some 
process to become dormant on a P operation on that semaphore. 

These Reachability Probleme are studied in Chapter 4. 

It can also happen that a system reaches a state after which two 
actions must wait for each other, creating a partial deadlock that cannot 
be resolved by any sequence of the remaining actions. Alternatively, 
some non-renewable resource may run out, also disabling a certain 
portion of the system. This situation is expressed in the Petri Net by a 
set of non-live transitions: A transition t is non-live iff a marking can 
be reached from which no firing sequence ever firing tis possible. <A 
live transition thus has the property that, no matter what firing sequence 
has occurred so far, the transition can always eventually be fired again. 
A Petri Net is said to be live iff every transition is live. 

The Liveness Problem (LP) is the problem of deciding, given a Petri 
Net and an initial marking, whether the net is live. The Subset Liveness 
Problem (SLP) asks whether a given transition (or set of transitions) is 
live. 

Another important notion is that of persistence. A transition is said 
to be persistent iff the only way it can become disabled is by firing; no 
other transition firing may disable it. This corresponds to the notion 
of an irreversible commitment to perform a certain operation - once the 
decision is made to execute, nothing can remove the conditions which 
permit the planned operation but its own execution. The persistence 
problem (PP) is' the question of whether a Net is persistent, i.e. whether 
all transitions are persistent. It is of course reducible to the SPP, 


which is the same question for a subset of transitions, or a single 
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transition. 

We shall show (in Chapter 5) that all problems mentioned So far are 
recursively equivalent to each other, except for PP which is only known 
to be pedneibis to the others, via SPP. This may be because persistent 
Petri Nets have special properties - in particular the LP, when 
mesericied to persistent Petri Nets, is decidable. It is not known yet 
whether PP itself is decidable or not, but we have some partial results 
which lead us to believe that PP is decidable, and that RP is decidable 
for persistent nets. | | 

In fact, in Chapter 11 we shall present some circumstantial evidence 
to support our stronger conjecture that RP, and with it all problems 
mentioned above, are decidable. 

Only one undecidability result was known for Petri Nets: Rabin's result 
on the undecidability of the Inclusion Problem for Reachability Sets. We 
shall add to this the undecidability of the Equality Problem for Reachability 

-Sets (Chapter 7) and of the Equivalence Problems for various Petri Net 
Language families (Chapter 10). 

We shall also consider the emptiness and membership problems for 
Petri Net Languages; these problems turn out to be either decidable or 


equivalent to RP (Chapter 9). 


1.5 Previous Work + 

Practically all previous work done on the decision problems we are 
interested in has been done for Vector Addition Systems. 

Vector Addition Systems were developed by Karp and Miller in 1966 
to establish decidability results about their Parallel Program Schemata, 
In particular, they proved the decidability of boundedness and cover- — 


ability for Vector Addition Systems [33]. (An improved version of this 
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proof, adapted to our purposes, will be presented in Chapter 3.) At the 
same time, M. Rabin studied the relationship between Reachability Sets 
and Semilinear Sets (Parikh, [46]). He concluded that there are non- 
Semilinear Reachability Seta, and proved that the Inclusion Problem for 
Reachability Sets (Is the Reachability Set of one VAS a subset of that of 
another VAS?) is recursively unsolvable. This proof was simplified in 
1972 in response to Matijasevic's proof of the undecidability of Hilbert's 
10th Problem [26,40]; an account of this can be found in Baker [4 ] and 
Hack [20]. We include an improved version of this proof in this thesis, 
because our own undecidability proofs use the same central idea of 
"weakly" computing polynomials (Chapters 6 and 7). 

R. Keller discussed various decision problems for his Vector Replace- 
ment Systems [34], and considered certain restrictions under which the 
Reachability Problem would be decidable. He studied the Liveness 
Problem and showed, in particular, that the related problems of infinite 
firability and potential firability are decidable, and that Liveness is 
decidable for persistent nets. He also conjectured that the Livenesa 
Problem was reducible to the Reachability Problem; we shall prove this 
conjecture (and its converse) in Chapter 5. 

J. Van Leeuwen, using geometrical arguments, also proved certain 
decidable subcases of the Reachability Problem [63] by establishing the 
semilinearity of certain projections of Reachability Sets; he proved that 
all 3-dimensional Vector Addition Systems have Semilinear Reachability 
Sets. 

B. O. Nash published the reducibility of the Reachability Problem to 
the reachability-of-zero and the reachable-from-zero problems [44]; we 


discovered a Slightly stronger result (presented in Chapter 4) independently 
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at about the same time [20]. 

J. L. Peterson [52] studied one of the families of Petri Net Languages 
we consider in this thesis. Our own work on Petri Net Languages is 
reported in [24], and some new results can be found in [25]. In this 
thesis we dwell only on the decidability questions raised by Petri Nets as 
language generators (Chapters 9 and 10), and on the definitions and 
. properties required for this purpose (Chapter 8). 

The relationship between Petri Nets and other formalisms has been 
studied by many people, including Keller [34], Peterson [52], Peterson and 
Bredt [53], Miller [42,43], Lipton [38], etc. | 

Finally, let us mention some recent results about the complexity of 
various decision problems. Most problems are very difficult to decide. 
In fact, Lipton [39] has shown that both Reachability and Boundedness take 
at least Exponential Space to decide. The least known upper bound on the 
complexity of the Boundedness Problem is Ackermann's Function, The 
complexity of some Petri Net decision problems is studied in a paper by 


Jones and Lien [30]. 


(Added in May 1976:) 


The first non-contrived problem whose complexity is non-primitive 
recursive arises from Petri Nets: Given two bounded Petri Nets, do the 
have equal reachability sets? It is reported in cardoza, Lipton and Me 
"Exponential-Space Complete Problems for Petri Nets and Commutative Se 
groups", Proceedings of the 8th Annual ACM Symposium on the Theory of 
puting, Hershey, Pa., May 1976. 

C. Rackoff (U. of Toronto) has also been able to improve the upper 
on the complexity of the Potential Liveness Problem, which is related 
the boundedness problem, to space n:, down from Ackermann's function. 
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CHAPTER 2 


BASIC DEFINITIONS AND PROPERTIES 


2.1 Generalized Petri Nets 
Definition 2.1: 
A Generalized Petri Net (GPN) N = (II, 2, F, B, Mp) consists of the 
following: | 
1. a finite set of places, II = {p,, .... p,] 
2. a finite set of transitions, © = {t,. etal tJ disjoint from I 
3. a forwards incidence function, F: II x 2 > IN (NN is the set of 
non-negative integers) 


4, a backwards incidence function, B: II x 2 + N 


on 


. an initial marking, Mp: fll? IN 


A GPN is represented graphically as follows: 
1. places are represented by circles 
2. transitions are represented by bars 
3. circles and bars are connected by bundles of arcs: ifpisa place 
andt is a transition, and F(p,t) = 3, we have a bundle of 3 arcs 
going from p tot; 3 is the size of the arc bundle. 
4, a marking is represented by drawing a number of tokens into a 
place, or writing the number. 
The graphical representation of a GPN is thus a directed bipartite multi- 
graph with a marking. When we draw a bundle of arcs we expect each 
fibre to carry along one token when a transition fires. The firability of 


a transition is thus defined as follows: 
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Definition 2.2: 

(a) A transition t is said to be firable iff for every place p €ll 
we have M(p) 2 F(p,t). Since this is always true when 
F(p, t) - 0 we need to inspect only the input places of 
transition t, i.e. those for which F(p,t) > 0. 

(b) If a firable transition fires, it changes the marking by 
removing F(p, t) tokens if p is an input place and by adding 
B(p, t) tokens if p is an output place (B(p,t) > 0). The new 
marking M' is now such that: | 


Vp: M'(p) = M(p) - F(p, t) + B(p, t) 


Usually, the sets of places and transitions are indexed, i.e. 
II = {p, | 1 sisrjand= = {t, }1 <j*s}. In this case, it is useful to 
represent markings as vectors in IN’, where the jth coordinate of vector 
M is the number M(p,). In this context, we associate with every 
transition * its input vector F(t,) and its output vector Blt), where the 
i” coordinate of F(t,) and Bit) is F(p., ty) and B(p;, ty), respectively. 

Now we can interpret the firing of transition t as a relation 
M[t)M' which says "transition t is firable at marking M and the firing 


leads to marking M'", such that; 
Mi)M # Me2Et) & M! = M - F(t) + Bt) 


' A firing sequence can now be defined as a sequence of transition 
: : * : ; 
names (or a string®O in Z ), such that each prefix leads to a marking at 
which the following transition is firable. Thus, Figure 2.2 shows the 


result of firing ty in the Generalized Petri Net of Figure 2.1. Since tg 
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is firable at that new marking, tots is a firing sequence. Note that tgty 
is not a firing sequence, since ts is not firable at the initial marking. 
The dynamic aspects of the Generalized Petri Net N can now be 
described by the set of firing sequences Siq(M 0) Starting at the initial 
marking Mp, and by the set of reachable markings Rxy(M 0)» i.e. the 


markings M' such that some firing sequence 9 € Sy(M 0 leads from My 
to M! (also called reachability set). This we write as M,[o)M', where 
the relation [0) is defined as the composition of the relations [t,) for the 
transitions t, as they occur in the string, So that composition for the 
relations corresponds to concatenation for the strings of transition 
names, 

Formally, we have: 
Definition 2. 3: 

A firing sequence from marking M to marking M' is represented 

by a string of transition names a € o* such that: 

(a) M[\)M (where } is the empty string) 

(b)M[t}M' #» M2F(t) & M! = M - F(t) + Blt) 

(for a string of length one) 
(c)M[ot) M' » gM" € INT; M[o)M" & M"[t)M! 


(recursive definition) 


Given a "final" marking M, we also define the set of terminal 


firing sequences Ty(Mo, M,) which contains all those firing sequences 


which lead from My to M r 


We summarize these concepts in: 
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Definition 2. 4: 
Given a Generalized Petri Net N with initial marking My and 
final marking M-: 
The reachability set is Ry(M,) = {M €IN* |3a € 2°; M)[o)M} 
The set of firing sequences is 5S.) (M 9) =- {0 € 3 | IM'e IN’: 
! 
M,[o)M'} 
The set of terminal firing sequences is Ty(M 9» My) = 
ok 
{o ¢2 | Moio)M,} 


Clearly, T,(My,M,) © Sy(Mj)) and M, f Ry (My) & Ty(Mo, Mp) = 9. 
We notice that: 


M,[o)M = 0 €S\(Mp) & M € RA(M)) 


Just as the marking F(t) isthe smallest marking at which a given 
transition t is firable, there is a smallest marking at which a given 
firing Sequence is firable. We call this the hurdle of the firing 
sequence: 

Definition 2.5: 

Leto € ye be an arbitrary firing sequence. 

(a) The smallest marking at which 9 can be fired in its entirety 

is called the hurdle H(G) of the firing sequence. 

(b) If M[o)M', then M' - M is called the marking change A(@) of 


the firing sequence. 


It is easy to See that there is indeed a unique smallest marking at 
which a firing sequence Oo is firable. This is because each coordinate 


of H(@) can be calculated independently. 
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Let us define the componentwise max of two vectors as the 
vector V" = max (V, V'), where 
v"(i) = if Wi). 2 V'(i) then V(i) else V'(i) 
Then we can calculate the hurdle (and also the marking change) 


of a firing sequence 9 recursively as follows: 


HQ) = (0)" A(x) = <0)" 
H(t) = max (H(o), F(t) - A@)) 
Act) = Ag) - F(t) + Bit) 


Vo € L* 


yted 


Notice that H() € IN” but A(c) € zr, Also, if there are no self-loops, 
then any firing sequence 0 fired from H(@) to H(a) + A(@) makes each 
coordinate reach zero at some intermediate (including initial and final) 
marking. If there are self-loops, a coordinate may "reach" zero 
"during" a firing, i.e. after removing F(t) but before adding B(t) for 
some transition. Finally, we observe the following effect of increasing 
the initial marking: 
Theorem 2.1; _ 

Let W € IN’. 

(a) M)o>M, = (My+ W) [o> (M, + W) 

(b) Sy(Mg) S Sy (My + W) 
(c){M € IN’ | (M- W) € RX(M))} & Ry (My + W) 


(d) Ty (Mo; M,) = Ty (Mg + W, M,+ W) 


f 


Proof: 
All four statements are manifestations of the containment property, 
which is most easily illustrated by distinguishing tokens due to Mo 
from tokens due to W, and by not moving any tokens due to W. 


QED 
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2.2 Restricted Petri Nets . 

In some cases it is useful to restrict the definition of Petri Nets. 
Ordinary Petri Nets are GPN's whexé the size of arc bundles is restricted 
to one. This corresponds to Holt's original definition [17,28]. 


Selfloop-free Petri Nets have no pairs p,t that are both forwards and 


backwards connected, i.e. B(p,t) + F(p,t) = 0 for all places p and tran- 

Sitions t. Restricted Petri Nets! (RPN) are Selfloop-free Ordinary 

Petri Nets; any place-transition pair is connected by at most one arc. 
The relations between these various restrictions and Vector 


Addition Systems are discussed in a more detailed manner in Hack [20]. 


2.3 Reachability, Coverability, Boundedness, Liveness 
and Persistence 


Definition 2. 6: 
A marking M is said to be reachable in a Petri Net N with initial 
marking Mo iff: M € Ry (Mo). 

Definition 2.7: 
A marking M is said to be coverable in a Petri Net N with initial 


marking M, iff: @M' € Ry (Mo): M' 2M. 


0 
Definition 2.8: 

(a) A place p, is said to be bounded in a Petri Net N with initial 
marking My iff there exists an integer b; such that the number 
of tokens M(p;) at any reachable marking M never exceeds b3: 
M € Ry (M 9) 2 M(p,) <b. 

(b) A Petri Net N with initial marking Mp is said to be bounded 


iff every place is bounded. 


t Cc. A. Petri calls these nets 'Pure Petri Nets". 
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It follows that a Petri Net is bounded iff the reachability set 
Ryn (M) is finite. 
Definition 2.9: 

A transition t is said to be potentially firable at marking M in 


Petri Net N iff there exists a firing sequence starting at M which 


includes t, 


It is easy to see that potential firability is related to coverability 
by: 
t is potentially firable at M # F(t) is coverable in Ry (M) 


Definition 2. 10: 
A marking M is said to be t-dead (where t is a transition) iff 


transition t is not potentially firable at M. 


This is just another way of looking at potential firability. We 
have: 


Mis t-dead « F(t) is NOT coverable in Ry) 


A t-dead marking is the analogue of a hang-up State, or a 
"deadly embrace", in the context of concurrent systems. 
Definition 2.11: | 
(a) A transition t is said to be live in a Petri Net N with initial 
marking Mp iff it is potentially firable at every reachable 
marking, or equivalently, iff no t-dead marking is 
reachable. 
(b) A Petri Net N with initial marking M, is said to be live iff 


every transition is live. 
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(c) A firing sequence which reaches a t-dead marking is said to 


be a killing sequence (for t, or for the Net). 


In other words, no matter what happens, it is always possible to 
fire a live transition once again. 

We avoid speaking of "dead" transitions since the word seems 
equally suitable to describe a non-live transition or a not-potentially- 
firable transition. R. Keller suggests the word "immortal" instead of 
live, since it conveys a more precise image. The word "live" seems 
however to be the most widely used term for this concept in the Petri Net 
literature. R. C. Holt calls a live marking a "safe state" in the context 
of deadlocks in computer systems [29]. 

Definition 2.12: 

(a) A transition t is said to be persistent in a Petri Net N with 
initial marking Mo iff the only way it can be disabled is by 
its own firing. 

(b) A Petri Net is said to be persistent iff every transition is 
persistent. | 

Note: 
This definition of persistence of a transition can lead to 


ambiguity in the case of self-loops. Suppose both transitions t, and 


1 
t, are firable, but the firing of tp would, because of a self-loop, 
return at least as many tokens as were taken away from the input 


places of t Can such a firing ever disable t,? If we only look 


1? 1 
at reachable markings, it does not seem So. But the usual interpret- 
ation is that "tokens are removed before they are returned", because 


this interpretation is more consistent with certain interpretations of 
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concurrency and the notion of "set firings". 

This interpretation can be made precise by the following formula: 
tis persistentinR,(My) @ vt! €2- {t}; yM € R,(M,): 

(M 2 F(t) & M2F(t') >= M 2 F(t) + F(t')) 

In the other interpretation, where a self-loop could prevent non- 
persistence, we would have replaced the clause "M 2 F(t) + F(t')" by 
"M 2 F(t) + F(t!) - B(t')". 

The notion of persistence is useful in the context of Parallel 
Program Schemata (Karp and Miller [33], for example), where a 
persistent operator, once it becomes enabled, stays enabled until it fires. 
Also, in a persistent Net one cannot make irreversible 'mistakes" in the 
sense that if one tries to follow a given firing strategy and one fires the 
"wrong" transition, this "mistake" can be corrected because what was 
supposed to be fired can Still be fired. (In Keller's terms [35], a 
persistent net has the 'Church-Rosser property.) The notion of 
persistence is also linked to the notion of "conflict-free" Nets. 

The following table (Figure 2.3) illustrates the various concepts 


introduced so far as they apply to the example shown in Figure 2.1. 


2.4 Subnets and Submarkings 


In many cases we wish to restrict our attention to only a part of 
a given Petri Net. For example, one may ask whether it is possible to 
reach a marking consisting of exactly one token in each of two places, 
say Pp, and Po» without specifying a desired marking for the remaining 
places. In that case, we speak of reaching a given 'submarking" of 


places Py and Po: 
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Reachable from M (0, 99, 3) (0, 98, 2) 


Coverable from My (0, 98, 2) (0, 0, 5) 


. Bounded at My 


Firable at Mo 


Potentially firable 


at Mo 


Live at Mo 


Persistent at Mo 


t,-dead ~ (8, 0, 0) 
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For this purpose, we introduce the notion of a subnet of a Petri 
Net N = (11,2, F,B,M)), where Il = {p,> song py and D = {t,. oe tJ. 

A subnet is basically a subgraph, i.e. one selects a subset of 
the vertices - in this case, places and transitions - and all arcs that join 
the selected vertices - in this case, the restriction of the functions F, B. 
and My to the chosen subset of their domain. 

To be mathematically useful, however, a subnet should have 
certain properties. A very useful property is the property of being 
closed. This is actually a topological property of bipartite graphs which 
has been studied as such by Petri [55], but for our purposes (see also 
Hack [17,24]) the following definition will do: 

Definition 2. 13: 

A closed subnet of a Petri Net is a subnet consisting of a subset 

of the places and at least all transitions forwards or backwards 

connected to places in this subset. If only transitions connected 
to places in this subset are included in the subnet, then it is 
called a minimal closed subnet with respect to this subset of 
places; if the subnet contains all transitions of the Petri Net, it 
is called a maximal closed subnet. 

Notation: 

If P ¢ T¥ is a subset of the places of Petri Net N = (11,2, F,B, My?» va 
then the maximal closed subnet whose set of places is P is denoted by 
Np = (Pp, 2, F',B', Mp)» where F' and B' are F and B sastnicted to 


P xZ, and Mp is Mo restricted to P. 


Definition 2. 14: 
A submarking of a Petri Net N is a marking of a subnet of N, 


i.e, a marking restricted to a subset of the places. 
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Notation: 
If Pisa subset of the places, a submarking defined on these places 
is denoted by M/P and can be considered as a marking of Np: 
Definition 2.15: 

(a) Two markings M and M' agree over a set of places P if their 
restrictions to P are equal, i.e. if they determine the same 
submarking over P. We write this as; 

M = M! mod P e M/P = M'/P 

(b) Two submarkings M/P and M'/P' agree if they are equal on 

places common to both: | 


M/P = M'/P' » $M = M'mod (PN P*) 


The notion of agreement is useful in a context where both 
markings and submarkings over various sets of places are referred to. 
In particular, a marking agrees with any of its submarkings in the sense 


of (b): M = M/P 


The notion of agreement also permits a concise formulation of the 
extension to submarkings of the various definitions of section 2. 3. 

It is often useful to refer to a submarking directly, without 
explicitly mentioning the set of places on which it is defined. In order 
to avoid confusion with markings, we use the generic letter V for sub- 
markings, so that we may write, for example: V = M/P, where M is. 
Some marking of which V is the restriction to P. Since in this notation 


the set P is not explicitly shown, we introduce the notion of support: 


Definition 2.16: 
The Support P(V) of a submarking V is the set of places over 
which V is defined, i.e.: V = M/P > P(V) = P, 
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Now we are ready to extend the definitions of section 2.3 to 
submarkings. 
Definition 2. 17: 
In a Petri Net N, a submarking V over a set of places P is said 
to be reachable from a marking My iff some marking M whose 
restriction to P is the submarking V is reachable in N from Mo: 
i.e, Some marking of which V is a submarking is reachable: 


V reachable in Ry(My) ms QMaV: M € Rx(Mo) 


This is the formal way of defining the reachability of an 
incompletely specified marking, as in the example at the beginning of 
this section. | 
Definition 2.18: 

A submarking V is said to be coverable in a Petri Net N with 

initial marking My iff every marking of which it is a submarking 

is coverable: 


Vv coverable in Ry (Mj) o VM ws V &M' € Ry'M 9): M' 2M 


Notice the subtle difference between the definitions of reachability 
and coverability as extended to submarkings. In the first case, the 
property is derived from some marking which agrees with the submarking, 
whereas in the second case, the property must be true of all markings 
which agree with the submarking. In the first case we speak of the 
weak extension of a property of markings to submarkings and in the 
second case we Speak of strong extension. The choice is dictated by the 


usefulness of the resulting concept. Definitions 2.17 and 2.18 define - 


~43- 


* fas 
in more precise terms - weak reachability and strong coverability of 


submarkings. | 

The strong reachability of a submarking might be an interesting 
property, but we have not found enough interesting applications to study 
it further, It is a non-trivial extension of the notion of reachability, and 
we have as yet no evidence that it might be reducible to reachability. 

On the other hand, weak coverability is simply an instance of 
ordinary coverability of a marking which agrees with the given 
submarking and is zero on the places on which the submarking is not 
defined. | 

In the following definitions, the choice of the weak or of the strong 
extension of various concepts is dictated by similar considerations. 
Definition 2.19: 

_ Transition t of a Petri Net is firable at submarking V iff t is 

firable at some marking M which agrees with V: 


t firable at V e @MaV: M 2 Vit) 


Definition 2.20: 
Transition t is potentially firable at submarking V iff t is 


potentially firable at some marking M which agrees with V: 


T potentially firable at V 6» 2M sw V: t potentially firable at M. 


It is easy to see that a transition is firable at submarking V iff it 
is firable in Ney) at V, where V is now the marking of the subnet Nyy) 
on whose places P(V) the submarking is defined. 

From Theorem 2.2, proved later in this section, it will follow 


that this is also true for potential firability. 


“In Van Leeuwen {63] weak reachability means coverability. 
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We can rewrite Definition 2.20 in terms of t-deadness: 
Definition 2.21: 
A submarking V is said to be t-dead for a given transition t iff 
every marking which agrees with V is t-dead: 
V t-dead * VYM#aV: M t-dead. 


We notice that the negation of a weak extension (Definition 2.20) 
is a strong extension (Definition 2.21). 

In the case of liveness, neither the weak extension nor the strong 
extension to submarkings seems to be a useful concept, partly because 
there is no clear relationship between liveness in a subnet and liveness 


in the whole Petri Net. The same holds for persistence. 


2.5 Vector Notation for Submarkings 


The vector notation for markings was based on a certain indexing 
of the set of places, namely II = {p,. Poreees p, . If we now study sub- 
markings over the set P = {p,, p aie for example, should we use vectors 
with two coordinates or vectors with r coordinates where r-2 coordinates 
are "undefined'’? The second alternative has the advantage that the 
vector notation also carries information about the support of the sub- 
marking, namely those coordinates which are defined. 

We therefore include a new symbol, w, to denote the "value" of 
undefined coordinates in a submarking. Since we carry out additions, 
subtractions and comparisons with vectors, we must extend these 
operations to the symbol. We would expect that adding (or subtracting) 
something to (or from) an undefined quantity would yield an undefined 
quantity, i.e. Wagain. But what about order? It turns out that the 


following rules for dealing with W™ are not only consistent with our 


~45- 


intended use of submarkings, but that they provide a useful mathematical 
structure to the set of vectors over the non-negative integers 
augmented by the new symbol w, which we denote by Q, i.e. Q= IN U {fw}, - 
Definition 2.22: 
The augmented set of non-negative integers is the set 
Q=N U {w}, where Wis an element which behaves like an 
integer larger than any given integer and is characterized by: 
wné€N: w¥An &W2Fn & Wten=a WEW-n=zaWE 


W+WwW = W-W = WwW 


Now we represent submarkings as follows: 


Definition 2.23: 


A submarking M/P over a subset of places P © fp. |1 sisr} 
(r € IN) is represented by the vector V © Q® whose i? 
coordinate equals Mp, the jth coordinate of M, if P; € P; 
otherwise it is Ww: 


(1 sis<r): V(i) = ifp; ¢€ P then M(p,) else w 


The usefulness of this definition appears when the definition of 
transition firability for submarkings is rewritten in terms of vectors 


r 
over 0; 


t firable at V eo V 2 F(t) 


This is of course just like the corresponding definition for markings. 
This notation also gives us a way of talking about firing sequences 
and reachability in a Subnet in the same context - and place indexing - as 


in the whole net. Let Ny be the maximal subnet of N defined by the sub- 
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set of places P C II, Let V, V' be markings of Np (i.e. submarkings of 


N whose support is P). Then we write: 


V[t> Vv! e Ve2F(t) & V'=V- F(t) + Bit) 
V[A) V, for XA = the empty sting | 
Viot\v' » gv" € a7: ve)v" & V"[t)V', whereo € Z*, 
Also, if H(c) and A(@) are the hurdle and the marking change (Definition 
2.5) of O, then: 
Voov' » V2HO) & V'=V+AQ@) 
Notice that the above relations require that the supports of V, V' and V" 
be equal: P(V) = P(V') = P(V"). 
Now we can define a subnet reachability set: 
Definition 2, 24: 


(a) Let V, be a Submarking of support P ina Petri Net N. Then 


0 
the subnet reachability set for the initial submarking Vo is 


the reachability set of the subnet N,,, which is written as: 


Pp’ 


(v9) = fv € QT | a0 € B": vye)v) 
P 


By Yo? = Ry 


(b) The notions reachable in Ry lV, 02: coverable in Ryl(Vo): 


bounded in RylV 9): etc., all refer to the corresponding 


concept in the subnet Noy )° 
0 


It is important to note that even if Vo aS Mp, then V € RylVo) 


does not imply that V is reachable in N from My according to 


Definition 2.17. It only expresses reachability in the subnet N,,, where 


Pp’ 
some constraints, due to places in 1-P, have been removed. But the 


converse is true: If V is reachable in N from My and Vo is Mog 


restricted to the support of V (i.e. V9 = Mp/P(V)), then V € RylVq)- 
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This can easily be verified from Definition 2.17. 
On the other hand, suppose that V € R,(Vp), and let V)[9)V. 


As we have seen, this implies V, 2 H(@). If we now choose M, to agree 


0 0 


with Vj) on its support P and to agree with H(@) on the complement II-P, 


i.e. M, = V, & M, & H(C) mod (II-P), then M, 2 H(O), and hence 0 


0 0 0 0 


is firable at M, and M))M, where M = My + Af). Since V = Vt Alo) 


0 


and Mo Er) Vo it follows that M w& V. 


We summarize these facts in: 
Theorem 2.2: 
(a) If submarking V is reachable from the initial marking Mo, 


then V is reachable from the initial submarking V,, where 


0’ 
Vo agrees with My and has the same support as V: 


V reachable in Ry(Mg) > 


av, € QT: V, = M, & P(V) = P(V)) & V €E RAV) 


0 0 0 


(b) If a firing sequence o leads from submarking Vo to 
submarking V (of same support), then there exist markings 
My and M, agreeing with Vo and V respectively, such that 0 


leads from M, to M: 


0 


r 
Vo V EO": ViIo)Vv = 


GM), M € IN: (Mya V 


0° &MaVe& M,(o)M) 


0 
(c) VE Ry lV 9) = 
Mp; M: (Mo a V 


9 ®*MeV&eM € Ry(M))) 


A useful application of Theorem 2.2 is the following characteriza- 


tion of coverability in a subnet (cf. Definition 2.24(b)): 
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Theorem 2.3: 
Submarking V is coverable in RylVo) if and only if for every 
marking M which agrees with V, there exist markings Mo and M'! 
such that My agrees with Vo» M' exceeds M, and M' is reachable > 
from Mo: ; 
In other words, the following three statements are equivalent: 


(1) V is coverable in RylVo). 


(2) P(V,) = P(V,) & Vv, eV = gV, € RylV): Vo 2 vi 


M'!: M wVo & M 2M & Mm € Ry (Mp) 


(3)MxV > &M 0 


0” 
Proof: 

(a) Statement (2) is the formal definition of coverability in a subnet, 

as it follows from Definitions 2.7 and 2.24(b). Thus (1) and (2) are 

equivalent by definition. The subnet is defined by the support 

P= P(V,) € I | 

(b) (2) > (3): 

Let M, be an arbitrary marking such that M, as V, and let Vv, = 
M, /P, ice. the restriction of M, to the subnet defined by the support P 


of V By hypothesis (2), there exists Vo © Ry(V_) such that Vo ?V;,- 


0° 1 


By Theorem 2. 2(c), Vo € RylVo) implies the existence of 


markings My and My such that My ~ Vy and M, ~ V, and My € Ry(M)). 
Now let W be a marking which is zero over all places of the subnet, 
and which agrees with M, over all other places: (cf. Definition 2.15), 
WrOrodP & W = M, mod (II-P) 


Then we have: 


My + W as Vo ) 
) because W = 0 mod P 
My + W xe Vo ) 
M, + W 2 M, because W » M, mod (II-P) and Vy 2 V, 
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Finally, by the containment property (Theorem 2. 1(a) or (c)): 


(My + W) € Ry(M + W) 


If we write Mp 7 My + W 
M! = My + W 
M — M, 


we have shown that: 


(2) & MaesV ®?> Mav 


0 9 & M'2M & M' € R,(Mo) 


i.e. (2) > (3). 
(c) (3) > (2) 


Let V, be an arbitrary submarking such that V, = V and 


P(V,) = P, and choose some marking M which agrees with V,, i.e. 


V,=M/P. Then M also agrees with V. By hypothesis (3), there 


exist markings Mo and M' such that My * V and M' 2 M and 


M! € Ry(Mo). 


Now let Vo be the restriction of M' to P, i.e. Vo = M'/P. Since 


= t 
Vo = M,/P. we have Vo € Ry lV 9) as a consequence of M' € Ry(M 9). 


But now M' 2 M implies M'/P 2 M/P, i.e. V, 2 V,. We have 


2 1 
shown that: 


[(3) & (Vv, asV& P(V,) = P(V))] Vig S RylVo) & Vo 2V 


2 2 1 


i.e. (3) > (2). 


2.6 Some Mathematical Properties of the Set Vectors 
Over the Augmented Integers, Q 


Some of our proofs will require certain results about sets of 
: r ; : , 
vectors inQ). These results are collected in this section, and the 
proofs can be found in the Appendix. 


Recall that Q = IN y {w}, where w satisfies the following 
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(Definition 2.22): 


Yn EN: WAnK& wW2En& Wt naeWK W-n=zWk WHtEW=W-wWew 


The relation (V 2 V' & V # V') is abbreviated as V>V'. The 
relation of agreement (Definition 2. 15) between vectors V,V' € Q* can 


be expressed as: 
Vevie @ (Vi,isisr: V(i)+ Vi) #wW > V(i) = V'(i)) 


For the partial order relation S, the set IN’ is a lattice and the 
set ar is a complete lattice, where every subset A © ar has a unique 
least upper bound W = lub (A) where W € QT and: 


(VV € A: Vs W) &© Ws Wi 


Definition 2.25: 
A chain C ¢ Q7 is a subset which is totally ordered under ¢&, i.e. 
C = {Vo Vv 


by ithe ate. geeks 
press Vives } and Via % (for all j if C is infinite, 


or up to j = |C| - 2 if C is finite). 
Definition 2. 26: 
A subset A © a’ is chain-complete iff, for every chain C ¢€ A, 


its least upper bound is an element of A: lub (C) € A. 


, rs 2 

Since N° is a complete lattice, the lub exists for every chain. In 
IN’, however, infinite chains do not have a lub in IN’. 
Definition 2,27: 


A subset A ¢ 9° is monotone iff YV € A: V's V = V'€A. 


An example of a monotone set is the set of all vectors less than 


Some vector from some given finite set. In fact, we shall se that every 
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monotone Set can be expressed in this form. 
Definition 2.28: 


ro eae A. 
ForasetA C Q, its set of maximal elements A is the set: 


A: Wealavi.e a vi>v} 


Definition 2.29: 


For asetA C QT, its chain-completion A° is the smallest chain- 


complete set containing A, 


The theorems we shall require are: 
Theorem 2. 4: 
(a) Every infinite subset of Q* contains an infinite chain. 
(b) Every set of mutually incomparable vectors in N is finite. 
Theorem 2.5: 
If A ¢ Q* is monotone and chain-complete, then its finite set of 
maximal elements A is uniformly reducible to A, and it 
characterizes A as follows: 


A 
A = {vea'| avé€ A: vi 2v} 


By the uniform reducibility of A to A we mean that any procedure 
for testing membership in A can be effectively used to completely 
generate the finite set ee tv [3 < jk} where k is the size of A . 
Technically, there exists a partial recursive function which computes a 


A 
canonical index for A from a characteristic index for A (Rogers, [57]). 
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Theorem 2. 6: 
The chain-completion of a monotone set A © Q" is monotone and 
consists exactly of the least upper. bounds of all chains in A. (If 
Ac IN’, then A - A consists exactly of the least upper bounds 
of all infinite chains in A.) 
Note: 
Every element of A is the least upper bound of a one-element chain, 


and thus is included in A‘. 


Theorem 2.7: 
The chain-completion A®° of a monotone set A = IN’ is such that: 
Ac = fve a |vvi en’: viaVv >= vi € A} 
Theorem 2.8: | 
fA ¢ IN’ is monotone, then there exists a finite set 


{v,. er v,! = AC, uniformly reducible to a such that: 


A-{venN'|Vsv, of VV, or ... of VV) 


1 


Finally, let us mention a few results about semilinear sets. 
Semilinear sets were introduced by Parikh [46] to study certain problems 
in Formal Language Theory, and more recently have become useful in 
investigations about Vector Addition Systems (Van Leeuwen, [63]) and 
Commutative Semigroups (Cardoza, [ 6 ]). . 

Definjtion 2. 30: 

A setA © Q (or N°) is said to be linear iff there exist vectors 

Vo eat (called the base of A) and W, € IN’, 1 Si <n (called the 

periods of A) such that: 


A= {ven |ax. €N, 1 ism V = V.¢ > x. ° W.} 
. i QO j=1 i i 
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Matrix Notation: ‘ 


Let W be the r X n matrix whose column vectors are the periods W;, 


1Sisn. Thenwehave: A={v €Q"|gx eI": V=V,+ W- Xl}. 


0 
Definition 2. 31: 
A setA © Q* (or IN’) is said to be semilinear iff it is the union of 
a finite number of linear sets in Q’. | 
Theorem 2, 9: 
(a) The union of a finite number of semilinear sets in QF (IN") is 
a semilinear set in Q” (IN’). 
(b) The intersection of a finite number of semilinear sets in 
Q* (IN*) is a semilinear set in Q* (IN‘),: 
(c) The complement Q* - A of a semilinear set A ¢ Q7 isa 
semilinear set in Q7; the complement IN’ - A of a semilinear 


Yr: ‘ ; 
set A ¢ WN’ is a semilinear set in NN’, 


(a) follows from the definition; (b) and (c) are proved in 


Ginsburg and Spanier [14]. 


Theorem 2.10: 
The solution space of a set of linear diophantine equations with 


dummy variables is a semilinear set. 


This means that if A(t xr), B(t Xs) and C(t X1) are matrices over 
the integers Z, then the set {v € IN’ |gX € INS: A-V+B-X = C} is 
semilinear. 

The proof of this can be found in Ginsburg and Spanier [ 14] and in 
Van Leeuwen [63]. | 


Other examples of semilinear sets are mentioned in Corollary 4. 2. 
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We can apply Theorems 2.9 and 2,10 to the characterization of 
sovorene sets given by Theorem 2.8: 
Theorem 2.11: 

(a) Every monotone set in IN” is semilinear. 

(b) If the chain~completion A® of a monotone set A = IN’ is 


effectively recursive, then A is effectively semilinear. 
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CHAPTER 3 


DECIDABILITY OF BOUNDEDNESS AND COVERABILITY 


3.1 Introduction 

The decidability of boundedness and coverability was first proved 
for Vector Addition Systems by Karp and Miller [33], using the notion of 
a coverability tree. Karp and Miller's proof was not complete in the 
sense that it failed to take into account the complications arising from 
certain firing sequences which have a large hurdle but only a small or 
zero marking change. In Hack [20] we have presented a more detailed 
version of Karp and Miller's proof to handle all such situations. 

A proof using geometrical arguments in the vese apace IN" has 
also been presented by Van Leeuwen [63]. 

In this section we shall use some of the results on monotone Sets 
in Q” presented in section 2.6. We feel that this approach may relate 
the properties of boundedness and coverability more directly to the 
structure of the Petri Net in terms of its subnets and submarkings. The 
approach is also slightly more general in that it applies directly to sub- 
markings. But we must warn the reader that the conciseness of this 
approach is deceptive, since much of the mathematical work has simply 
been delegated to the proofs of the results of section 2.6 (given in the 
Appendix). 

The coverability problem is the problem of deciding, given a 
Petri Net N with initial marking M 0 and an arbitrary marking M, whether 
M is coverable in Ry(M 9), i.e. whether there exists a marking 


M'€ Ry(Mo) such that M' 2 M, 


Let us thus define the set of coverable markings Cy (M 9): 
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r ' ° ' 
Cy(M,y) = {M €IN” [GM € RM): M! 2 M} 


This set is clearly monotone by construction, Its chain-completion is, 


from Theorem 2,7: 
Cy(M 9) = {fvea’|¥YM en: Mau V>(gM' € Ry, (M9): M! 2=M)} 


Recalling the definition of submarking coverability (Definition 2.18), 


we have: 
c 7 r ‘ . 
Cy(M) = {v €* | Vis coverable in Ry(M,)} 
Thus: 
Lemma 3.1: 


The chain-completion of the set of coverable markings is the set 


of coverable submarkings. 


From Theorems 2.5 and 2.8 we can conclude that there exists a 
“™ 
finite set of maximal coverable submarkings Chy(M 9) = {v,. savers v,! such 
that: 


c x 
Cyy(M ) ive an?|vsev 


= 
1 or eee or V v3 


r 
Cy(M 9) (MeN |Msv, or ... or MsV} 


It is thus clear that the coverability problem for a fixed Petri Net 
is decidable, and quite efficiently so as a matter of fact. 

Boundedness is related to coverability by: 
Lemma 3,2: 

A place p, is bounded iff the submarking (Vj, 1 <j <r: V(j) = 

if j] = i then w else 0) is not coverable. 


If P; is bounded, then there exists a bound b such that the marking 
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(Vj, 0 Sj <r: M(j) = if j = i then b else’0) is not coverable, hence V 
is not coverable. Conversely, if V is not coverable, then for 
some b snare exists such a marking M, which determines a 

bound for Pi 


QED 


If we now want to prove that the Boundedness and Coverability 
Problems are uniformly decidable, we have to effectively construct the 
finite set of maximal coverable submarkings. The Karp and Miller 
Coverability Tree is such a eopermucden: the labels of the nodes in this 
tree constitute a finite set of coverable submarkings which contains all 
maximal coverable submarkings. In the following sections, we shall 
also construct coverability trees, in a step-by-step approach designed to 
illustrate more clearly the relationship between the coverability tree and 


various subnets of the Petri Net. 


3.2 Primary Unboundedness and the Primary Coverability Tree 

One way a place Pp; may become unbounded is the following: 

Let My be the initial marking, and suppose there exists a firing 
sequence 0,0, such that: 

Myit,)M, & M,[0,)M, & My =M, & My(p,) > M,(p,) 

Because of M, >My, every firing sequence possible from M, is also 
possible from My; in particular, 0, can be repeated, and therefore 
o 1° a is a legal set of firing sequences. But then it is clear that by 
repeating oy arbitrarily often, the marking in p,; can grow without bounds. . 
In particular, after the firing sequence o(o,)"5 the marking will be 


1 


M,+n: (M,-M,). All places P; for which M,(p,) - M,(p,) > 0 will be 
unbounded. . 
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This is called primary unboundedness, 


But this is not the only way a place can become unbounded, For 
example, in the Petri Net of Figure 3.1 place p 4 is unbounded: given any 
number n, the firing sequence GJ to(ts)” yields the marking 
(0, 1, 0, n)., But for no pair of reachable markings such that M, 2 M, 
do we also have M,(p,) > M, (p,). This net incidentally has the interest- 
ing property that t, can fire any finite number of times, but cannot fire 
indefinitely (see the "reachability graph" of this net in Figure 3.2). 

However, in this case the unboundedness of p 4 follows from that 
of Pa, for which we do find two markings having the property described 
here: Molt,)M, and M, 2M, and M,(pg) > Mo(pg). 

Because of this dependency, the unboundedness of p 4 may be called 
secondary unboundedness. In the next section we shall see how this is 
related to primary unboundedness in a subnet. 

The following construction, which we call a primary coverability 
tree, is useful for investigating primary unboundedness. We define it 
in the general case of a subnet with an initial submarking. 

Definition 3.1: 

The primary coverability tree DylVo) of a given Petri Net with a 

given initial submarking V) (or subnet defined by the support 

P(V)) of the initial submarking) is a labelled rooted tree defined 

iteratively as follows: . | 

base: The root node p is labelled Vo: 0 
step: Let @ be a node with label Ly which has not yet been declared 


L = V,. 
f.) 


as a leaf-node. There are four cases. 
(a) No transition is firable at submarking Ly» i.e. Vt € 2: 


Ly + F(t), In that case @ is a leaf-node called a dead-end. 


a p c 
(t,) 2 (t,) 
Figure 3.1 
41100 
1200 
a a 
0210 
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P4 
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(b) There exists a node y # @ on the path from (¢ to @ such that 
Ly = L,. In that case @ is a leaf-node calleda A-loop-end, 
anda A-backpointer points from @ back to y. This pointer is 
for record-keeping only and is not an arc of the tree. 

(c) There exists a node ¥ on the path from p to @ such that 
Lae? Ly; In that case @ is a leaf node called an w-loop-end, 

and an w-backpointer (also for record-keeping only) is directed 
from @ back to ¥. In addition, the label Ly is modified by 
setting those coordinates in which Ly strictly exceeds L, To WwW, 

-(d) If neither of the above cases holds, then @ is an interior mode, 
and it has a successor node whose label is L, - F(t) + B(t) for 
every transition t firable at L o The arcs pointing to the 
successor nodes are labelled with the transition whose firing 
they express. 

This definition differs from that of a full coverability tree given in 
Hack [20], Karp and Miller [33] or Keller [34] essentially in the fact 
that only primary unboundedness is found (relative to a subnet in case 
of an initial submarking), and so nodes where new w's are introduced 
are leaf-nodes, i.e. nodes without successors in the tree. 

Note 2: 

Step (c) in this definition may be interpreted in several ways if 
there exist more than one node ¥ on the path from p to @ such that 
ly > L,- We may choose one arbitrarily, in which case the primary 
coverability tree is not unique, or we may choose all such nodes and 


generate appropriately many W-backpointers, each causing some set 


of new W-coordinates. The proofs which follow do not essentially 
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depend on which interpretation we choose. The proof of Lemma 3. 4 
is written for a single W-backpointer, and the argument only has to 
be repeated for the other W-backpointers, if any. 

Figure 3.3 shows two primary coverability trees for the Net of 
Figure 3.1. | 

Lemma 3. 3: 

Every primary coverability tree is finite and can be effectively 

constructed. 

Suppose the tree is infinite. By construction, every node has at 
most as many immediate successors as there are transitions in the 
Petri Net, a finite number. Then, by K§nig's Infinity Lemma for 
rooted trees, there must be an infinite path in the tree, i.e. a path 
which does not eventually end at a leaf node. But then, by 
Theorem 2, 4(a), there must be an infinite subsequence non- 
decreasing in each coordinate of the sequence of node labels along 
that infinite path. This implies the existence of two nodes @ and B 
along the path, where @ is reached before 8, such that Lg 2 Ly: But 
then node 8 should be a leaf-node - either a \-loop-end or an w-loop- 
end, which contradicts the existence of an infinite path. 

Since the tree must be finite, the iterative definition can be used 
as a terminating algorithm to construct it. 

QED 


Note: 


K&nig's Infinity Lemma for rooted trees can easily be proved non- 
constructively. Assume the rooted tree is infinite, yet at each node 


there is a finite number of branches. Then at least one of the 
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W-loop-end dead-end A-loop- end jw 
/ 
W -loop-end 
Dy (41, 0, 0, 0)) Dy (41, #, 0, 0)) 
Figure 3.3 


»-loop- end 


— 
Dy (41, 0 0, 0) i-loop-end 
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branches from the root node must point to the root of an infinite 
subtree. The path traced out by the root nodes of such successive 
infinite subtrees must be an infinite path -- QED. K§nig's original 
Infinity Lemma [36] is more general. We provide.a translation of 


his proof in Hack [20]. 


The reason for introducing new w-coordinates in the label of an 
W-loop-end, which indicates primary unboundedness, becomes clear 
from: | 
Lemma 3. 4: 

If V is the label of some node @ in the primary coverability tree 

Dy(Vo9), then V is coverable in Ryl Vo): 

Let us adopt the convention that if a path (a forwards sequence 

of labelled arcs in the tree Dy(Vq)) from node @ to node 8 spells out 
a sequence O of arc labels, we write a(0)8. From the construction 
of Dy(V 5) it follows that if B is not an wW-loop-end, then the firing 
sequence 0 also leads from Ly to Le: 


g €5"; a,B nodes in Dy(Vp): @)B > LyloLg 


Thus, if a is not an wloop-end, then p[0)a@ for some path 0 
implies Vp [o>V, i.e. V is in fact reachable in Ry(Vo)- 

If a iS an wloop-end, then there exists, by construction, an 
internal node y such that: | | 


> 
yoda & Ly? Ly & L, € RylV,) 


Since L, > Ly o is also firable at Ly in fact arbitrarily often, and 
each repetition of 9 increases the marking in the coordinates 


corresponding to the new w-coordinates, whereas the marking in the 
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finite coordinates agrees with Lee Thus the new W-coordinates are 


unbounded in R,(V,), and L,, is coverable in R,(V9). 


QED 


Before proceeding to search for all unbounded places (in the next 
section), we show that the primary coverability tree is sufficient to 
decide boundedness of the whole Petri Net: 

Theorem 3.1: 

It is decidable whether a given Petri Net with its initial marking 

M, is bounded. 

If the primary coverability tree contains u-loop-ends, then the 
net is unbounded, by Lemma 3.4 above. Now suppose there are no 
wis, i.e. every leaf node is either a dead-end or a )-loop-end. If 
we fold all \-loop-ends along their \-backpointers (by identifying the 
A-loop-end node with the interior node), we obtain a finite graph 
where the vertices are labelled with markings, and where for every 
node @ whose label is M, and for every transition t which is firable 
at M, there exists an arc labelled t which leads from @ to a node 8 
whose label is M', such that M[t)M'. In other words, every firing 
sequence 0 starting at My and leading toM € Ry(My) can be spelled 
by the arcs along a path from p to Some node @ labelled M. So 
every reachable marking is represented in the graph. Since the 
graph is finite, the number of reachable markings is finite, so the 
net must be bounded. In fact, the bounds for the various places can 
be found by inspecting the labels of the graph. | 

QED 
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3.3 Boundedness of a Given Place and the 
Complete Coverability Tree 


To establish the unboundedness of a Petri Net, it is sufficient to 
establish the existence of some unbounded place by constructing the 
primary coverability tree for the initial marking. 

But if we also construct primary coverability trees for the sub- 
markings which label w-loop ends, we can find more unbounded places, 
including places which are not primary unbounded, Indeed, we have: 
Lemma 3.5: 

If V is coverable in RylVo). and V' is coverable in Ry), then 

V' is coverable in R,(V)). 

Let M' be an arbitrary marking which agrees with V': 

(1) M' w Vv! 
By Theorem 2.3, since V' is coverable in Ry(V), there exist 
markings M and M, such that: 
(2) Mae Vv 
(3) M, 2 M! 


(4) M, € Ry(M) 


1 
Since V is coverable in Ry(Vo)s Theorem 2.3 applied to (2) 


implies the existence of M, and M,, such that: 


0 2 


(5) My Ew Vo 


(6) M, =M 
(7) M, € Ray(Mp ) 
Now rewrite (6) as: 


(8) M 


tt 


2 M+ W, where W 20 


and define: 
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(9) M" = M, + W, where W = M, 


From Theorem 2.1 (containment) applied to (4) and (9) we deduce: 


-M>20 


(10) M" € R(M,) 


Thus, given M' = V' (1), we deduce the existence of M" and My such 


that: 
(11) Mg RS Vo (5) 
(12) M" 2M! from (3) and (9) 


(13) M" € Ry (M from (7) and (10) 


0) 
- But then Theorem 2.3 implies that V' is indeed coverable in RAV). 
QED 
This Lemma justifies the construction of the Complete 
Coverability Tree out of primary coverability trees as follows: 
Definition 3.2: 


“A 
The Complete Coverability Tree Dy (MQ) of a Petri Net N with 


initial marking Mj, is constructed iteratively as follows: 

Construct the primary coverability tree D,(M,). Its 
A-loop-ends and its dead-ends are leaf nodes of § (Mp). but all 
other nodes are interior nodes; the w-loop ends are still 
distinguished, but they are considered interior nodes. 

step: 

If a is an Wloop-end with label L hes V, append the primary 
coverability Dy(V) by identifying a with the root node of DV). 
All nodes of D,{V) except \-loop-ends and dead-ends become 
interior nodes of Dyy(M)- 

If there are no w~loop-ends left, the construction of By(My) 


is complete. 


=G7% 


Figure 3.4 shows the complete coverability tree for the Net 

of Figure 3.1. 

This construction terminates and is effective, because: 
Lemma 3.6: 

The complete coverability tree Bu,) is finite and can be 

effectively constructed. 

Any branch in D(M,) consists of a sequence of finite branches 
from primary coverability trees, and each time a new primary 
coverability tree is encountered, the number of W-coordinates of 
the labels increases, and the support of the corresponding 
submarkings strictly decreases. A branch of Bau,) therefore 
consists of a finite number of finite segments, and is finite. Since 
branching at every node is finite, the tree is finite by K§nig's Lemma. 

QED 

In the proof of Theorem 3.1 we showed that if a primary cover- 
ability tree contains no w-loop-ends, then every firing sequence from the 
initial marking (or submarking) can be folded onto the graph obtained by 
closing the )-loops. 

The same construction can be applied to complete coverability 
trees, because in a complete coverability tree the only leaf-nodes are 
A-loop~ends and dead-ends. | 
Lemma 3.7: 

If a marking M is reachable from Mo in a Petri Net N, then the 

complete coverability tree Dyy(M) contains a node @ whoSe label 

agrees with M: 


A 
M € Ry (My) > Ta € Dy(MQ): Ly~M 
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. Proof: 
Let 0 be a firing sequence leading to M, i.e. Mp[(0)M. The 
proof is by induction on the length of oO. 
basis: o = X (the empty firing sequence) 
Then M 2 Mo and @ =p, the root node: L, = My: 


step: 

o = J'-t and there exists a node @' such that Ly = M', where 
M,)(0')M'. We have M'(t)M, so @' is not a dead-end, We may also 
assume that @' is not a )-loop-end; if it were, its } backpointer 
would point to a node ¥ with the same label, and we could have chosen 
that node instead. 

It follows that a@' is an interior node, and there exists a successor 
node @, joined to @' by an arc labelled t, whose label is obtained 
from V = Ly, ~ F(t) + B(t). 

If & is not an W-loop node in some component primary coverability 
tree, then L, is simply equal to V (step d in Definition 3.1). Since 
Ly: ¥ M! and M = M'- F(t) + B(t), we have V = M, and hence also 
Ly * M. —— 

If @ is an W-loop node in a component primary coverability tree, 
then its label L re is obtained from V by replacing certain coordinates 
by W. But this still permits us to infer Ly ss M from V we M. 

In every case, we have proved the existence of a node a@ whose 
label agrees with M. Moreover, the firing sequence 9 can be 
spelled out by a sequence of paths in By(My) from p to @ linked by 
\A-backpointers. This, incidentally, is the reason for "labelling" 


these backpointers with the symbol for the empty string, 2. 


QED 
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Now we can use the Complete Coverability Tree to answer 
questions about coverability and boundedness: 
Theorem 3, 2: 
A submarking V is coverable in Ry(M 0) if and only if some node 
@ in Dry(Mg) carries a label which covers V: L, =v. 
(a) if; 

Every label in the primary coverability tree D,(M,) is 

coverable in Ryl(M), by Lemma 3.4. Because of Lemma 3.5, 
this property extends inductively to all nodes in Dyy(M). 
Indeed, let &@ be an &loop-end whose label V is already known to 
be coverable in Ry (Mo). Then every node in the primary 
coverability tree appended to @ in the construction of B (M9) is 
coverable in Ry(V) by Lemma 3.4, and hence coverable in 
Ry(M) by Lemma 3.5, 

Thus, if L a 2zv for some node @ and some given submarking 

_V, then the coverability in Ry (Mp) of Ly implies the coverability 
of V. 
(b) only if: — 

If V is coverable in Ry(Mo), then every marking M which 
agrees with V is coverable in Ry(Mo)- by definition. So let us 
choose M such that its unspecified coordinates (those corres- 
ponding to &-coordinates in V) are larger than any finite 
coordinate of all labels in Byy(My). Since M is coverable in 


Ry(M 9), there exists M' 2 M such that M' € Ry(M By 


, 0) 
Lemma 3.7, there exists a node a € Di(M 9) such that L, = M'. 
The finite coordinates of V are covered by M' and hence by L,,.. 


The w-coordinates of V correspond to coordinates which, in M 
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and thus also in M', are larger than any finite coordinates of all 
labels, such as L a’ Thus Ly must have W-coordinates where V 
has w -coordinates: Ly exceeds (or equals) V in all coordinates: 


L. 2V. 
a7 V QED 


Theorem 3.3 


Proof: 


(a) 


(b) 


(a) A place p, is unbounded in Ry (M9) if and only if some node @ 
th 


A 
in Dy(Mp) has a label L,, whose i”. coordinate is w. 
(b) The largest number of tokens b, that can ever accumulate in 
place P; is the largest value taken by the jth coordinate over 


A 
all labels in Dy(M)). 


By Lemma 3.2, place P; is unbounded iff a vector whose th 


coordinate is w (and all other coordinates are zero).is coverable. 


‘By Theorem 3.2 this is equivalent to saying there exists a label 


whose jth coordinate is w. 
Suppose P; is bounded, and the largest reachable number of 


tokens is bj. Let M be a marking which achieves the bound, 


i.e. the jth coordinate of M is equal to be By Lemma 3,7 there 


exists a node @ such thatL, «= M. By part (a) above, the jth 


coordinate of L q Cannot be Ww, and hence must equal b.- If some 
node B had a label Lg whose i“ coordinate exceeded b;, then by 


Theorem 3.2 some marking whose jth 


coordinate exceeds b; would 
be reachable, contradicting the fact that b, is a bound on the 
number of tokens in P;- Hence b; must be the largest value of the 
it coordinate of all labels in Dy(M,). 


QED 
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From Lemma 3,6 and Theorems 3.2 and 3.3 we can conclude, 
without further proof: | | | 
Theorem 3, 4: 
(a) It is decidable whether a given submarking is coverable ina 
given Petri Net with a given initial marking. 
(b) It is decidable whether a given place is bounded in a given 
Petri Net with a given initial marking. 
The following corollary states some consequences of Theorem 
3.4 which are easy to prove: 
Corollary 3. 1: 
(a) Potential firability is decidable. 
(b) t-deadness is decidable. 
(c) It is decidable whether a given transition can fire arbitrarily 
many times (infinite firability). | 
(d) It is decidable whether a given place P; will ever receive a 
token. 

(a) Potential firability of transition t at marking M is equivalent to 
the coverability of F(t) in Ry); see the observation following 
Definition 2.9. 

(b) t-deadness of M is the negation of (a). 

(c) If we attach an extra output place p' to t to count the number of 
firings, we only have to check the boundedness of p’. 

(d) This is equivalent to whether the marking whose hi coordinate is 
1 and all other coordinates are zero is coverable. 


QED 
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CHAPTER 4 
REACHABILITY PROBLEMS 


4,1 Reachability of a Given Marking or Submarking 
The decidability of the Reachability Problem is probably the most 


important open problem in the mathematical theory of Petri Nets and 
related formalisms. In the Introduction we saw how it relates to 
similar unsolved problems in other theories. In this chapter we exhibit 
a number of recursively equivalent formulations of the Reachability 
Problem. 

Given a Petri Net N = (II, 2, F, B, M,) with places II = {p, eis P,! 


and transitions £ = {t, 52% tJ, these various formulations are: 


The Reachability Problem (RP): Given M € IN’, isM € Ry(M 9)? 


The Submarking Reachability Problem (SRP): Given P ¢ TI and 
M/P € (IN U {w})", does there exist an M' € Ry(Mp) such that 


M/P » M'? 
The Zero Reachability Problem (ZRP): Is 0 € Ryy(Mq)? 


The Single-Place Zero Reachability Problem (SPZRP): Given a place 
p € Il, does there exist an M € Ry (Mg) such that M(p) = 0? 


Since RP and SPZRP are instances of SRP and ZRP is an instance 
of RP, it is sufficient to close the circle of reducibilities by showing that 
SRP is reducible to ZRP, and that ZRP is reducible to SPZRP. 

Lemma 4.1: . | . 
SRP is reducible to ZRP. 
We are given a Petri Net N and a submarking M/P over a subset of 
the places P C I, 


Let us add a "run" place Pg to N; po Contains one token and self- 
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(p,. ¢ P) 


Figure 4,1 
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loops on every transition of N. (See Figure 4,1.) 
| For every place p, € ll we adda transition 6; which receives a 

single arc from P;- A transition named 8 transfers a token from 
Pp to a new place 1 which self-loops on every 6s 1sisr, anda 
transition % removes a token from 1: 

For every place P; € P we include a new place 7%,, originally 
marked with Mp (i) tokens. Each place 1, sends a single arc to 6. 

Now the only way the augmented Net can reach the zero marking 
is if all 7, places are emptied. This requires first reaching some 
marking M' in N, then firing % into 1: At this point, we can empty 
all places in II-P since the corresponding oF transitions are not 
further constrained. But for P; € Pp, 6 can empty both p,; and 1, if 
and only if M'(p,) = M p(t); if either Pp; or LA contains more tokens, | 
it cannot be emptied. 

The last firing is that of 6{, and the zero marking could have been 
reached if and only if M' » Mp: Therefore, atest for ZRP of the 


augmented Net can decide SRP for M,, in N. 


Pp 
QED 
Lemma 4,2: — 


ZRP is reducible to SPZRP. 


Proof: 
We want to check whether the zero marking is reachable in Petri 
Net N. 


Let us add to N a new place 7 such that, at all times, 7 contains 
as many tokens as there are in all places of N, i.e. at every marking 
M: 

Men) = 5 M(p,) 
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r 
In particular, at the initial marking 7 contains & i M)(p;) tokens, 
r 
Let 4; = 2 (Bip,, t) - F(p,, i) be the change in the total number 
of tokens in N for one firing of transition Fe We simply connect tj 


to 7 by a bundle of thickness 4, such that: 


A, 20 > Ft) = 0 & Bit) = A, 


_ <0 F(7,t.) = -A. 7,t.) = 
A; 5 (1, t3) 4; & B(T, t,) 0 


Then the change to M(m) is also 4; Moreover, if tj is firable at M 
in N, then it is also firable in N augmented by 7, since M(™) must 
exceed the sum % F(p,, ts which is greater than F(t, t,). 

Now M = 0 iff M(m) = 0, so that a test for SPZRP of 7 in the 
augmented Net decides ZRP for N. 

| QED 
Figure 4.2 shows an example of this construction. 
From the obvious reducibilities and the two Lemmas we conclude: 
Theorem 4. 1: 
RP, SRP, ZRP and SPZRP are all recursively equivalent to each 


other. 


Figure 4.3 shows the circle of reducibilities. A thin arrow 
indicates the reducibility of a problem to a more general problem of 


which it is an instance. 


4,2 Reachability of Some Marking in a Given Set of Markings 


In Some cases, such as in the investigation of Liveness in the 
next chapter, we would like to test whether at least one marking ina 
given set of markings is reachable. If the set is finite, this involves 


just a finite number of applications of RP, but if the set is infinite, we 
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have to use a different approach. 

We have already encountered Reachability Problems of this kind. 
The SRP asks whether there exists a reachable marking in the set 
{M € IN* | es V} of all markings agreeing with the submarking V. The 
Coverability Problem is a decidable case of this kind, where we ask 
whether the set {M' € IN™ |r 2M} contains a auenaule marking. 

Such sets of markings to be tested for reachability can also be 
viewed as p redicates, where P(M) is true of marking M iff M is a member 
of sucha set. Thus, the predicate agrees-with-V holds for M iff 
M € {mM € IN’ [Ma V}. 

Definition 4. 1: 
(a) AsetA © NIN’ is said to be RP-solvable iff the problem of 
deciding, for a given Petri Net N with initial marking 
My € N’, whether there exists a reachable marking in the 
set A is recursively reducible to RP: [? Ry(M) 1 A#O] 
is reducible to RP. 

(b) A Predicate P(M) is said to be RP-solvable iff the problem 

of deciding, for a given Petri Net N with initial marking Mo» 
whether there exists a reachable marking which satisfies P 
is recursively reducible to RP: [? 4M € Ry (My): P(M)] is 
reducible to RP. 

(c) This problem is called the General Reachability Problem for 


the Petri Net N and the Predicate P, or the set A. 


The General Reachability Problem (GRP) is thus reducible to the 
RP by definition. The question of interest is now to exhibit a large 


class of RP-solvable sets and predicates. 
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Many sets of markings which will be of interest in later chapters 

can be directly proved to be RP-solvable, by showing a suitable 
construction, usually very similar to the construction of Figure 4.1. 
Examples are the set of markings covered by a given submarking (used 
in the proof of Theorem 5.1), or the set of markings not exceeding a 
given marking (used in the proof of Theorem 5, 3). 

But we shall use a more general approach and show that, among 
others, all semilinear sets (the two examples above are semilinear) are 
RP-solvable. 

Lemma 4, 3: 
Every Reachability Set is RP-solvable. 
Let R\ (My) & IN” be the Reachability Set of a given Petri Net N 
with initial marking My: We have to show that for every other 
Petri Net of r places, say N' with initial marking M!, we can decide 
whether R,,(Mj) 1 R(M)) # @ if we can decide RP or, in this 
proof, ZRP. | 

Given copies of the two nets N and N' with their respective initial 

markings, we construct a new net N" as shown in Figure 4, 4 (compare 
Figure 4.1!): Each component, N and N', has its "run" place, Po 
respectively Po: There is an extra place 7 which receives a token 
from transition 6; this transition removes both "pun" tokens. The 
set of transitions 6. 1<isr, matches the markings reached in N and 
N' token by token; it self-loops on place ™, Finally, 5 removes the 
token from 7, ‘(It is easy to see that this new net N" can reach the 


zero marking iff some marking can be reached in both N and N', so 
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base: (0, 1, 1) t 


periods: (1, 1, 0) 


t 
2 
(0, 2, 1) 
(0, 0, 2) 
t 
(0, 3, 0) 3 
‘4 
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that the transitions 6; can let the marking in N exactly cancel the 


marking in N! ° QED 


This Lemma involves the Common Marking Problem: Does there 
exist a marking common to two Reachability Sets? 
Corollary 4. 1: 
The Common Marking Problem is recursively equivalent to the 
Reachability Problem, 
Lemma 4,3 shows reducibility in one direction. For the other 
direction, let one net be a net without transitions. Its Reachability 
Set is then a singleton set, consisting only of the initial marking. 
Then RP is an instance of the Common Marking Problem. 
| QED 
Lemma 4, 4: 
Every Linear Set in IN’ is a Reachability Set. 
Recall that a Linear Set A © IN’ can be defined by a vector 
Vo & IN’ (the base) and a non-negative r Xs matrix B (whose s 


column vectors are the periods) by: 


A = {v € NT lax ewn®: Vv = Vo + B° x} 


This also precisely defines the Reachability Set of a Petri Net 

N = (fp, ++ Ppl {t,, --- to], F, B, Vo}) where F is identically 
zero (every transition has zero input places) and each transition ui 
corresponds to a period, viz. the jh column of matrix B. 


Figure 4.5 shows an example. 


QED 
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Lemma 4. 5: . 
The finite union of RP-solvable sets (of same dimension) is an 


RP-solvable set. 


Proof: 


Leet Aus ocu% A, bea finite collection of RP-solvable sets (of 


1 
game dimension), and let A = U, A, be their union. ' Then the GRP 
for a given Petri Net N and the set A is decided in the affirmative iff 
for some i, 1 <i4n, the GRP for the net N and the Bet A, is decided 
in the affirmative. If A contains a reachable marking M € Ry then 
A, must gontsin that marking. 

QED 
Recall that a semilinear set is the finite union of linear sets. 
Hence; 


Theorem 4. 2: 


Every semilinear set is RP-solvable. 


This theorem is especially important because semilinear Sets are 
closed under union, intersection and complementation (Theorem 2. 9). 
Thus, if we define a semilinear predicate over IN’ as a predicate whose 
Truth domain is a semilinear set, then every proposition involving semi- 
linear predicates of the same argument is a semilinear predicate of that 
argument, and thus RP-solvable. 


The following corollary lists a number of semilinear sets; 
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Corollary 4,2: 


Proof: 


(a) 


(b) 


(c) 


The followitig sets are RP-solvable: 
(a) Given matrices A (t Xr), B (t Xs), C(t X1) over Z: 
{v €n™ lax en’: A-V+B:>X = C} 
-(solutions to linear diophantine equations with dummy 
variables) 
(b) Given vectors V,, ... V, €Q": 
fvew'|ai,1sisn; vs vj) 
(c) Given a vector W € IN’: 


{fv en’ | v ¢w 


The solution space to a set of linear diophantine equations with 
dummy variables is semilinear (Theorem 2.10). See, for 
example, Ginsburg and Spanier [14] or Van Leeuwen [63]. 

This is a finite union of instances of (a), where A = B =I, the 
identity matrix, and C = V.- 

This is the complement of an instance of (a), where A = -B = I 


and C = W. 
QED 


As an exercise, the reader may wish to prove RP-solvability of 


these three sets directly, by adding the appropriate mechanisms to the 


construction of Figure 4.1. These constructions are much simpler than 


trying to find a semilinear representation of the sets and then using 


Lemmas 4.3, 4.4 and 4. 5. 


Remark: 


Semilinear Sets correspond exactly to Predicates expressible in 


Presburger arithmetic (Ginsburg and Spanier [14]). 
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CHAPTER 5 
_LIVENESS AND PERSISTENCE 


5.1 Liveness 
The decision problems discussed in this séction are; 
The Liveness Problem (LP): Given a Petri Net N with an initial 
marking Mo» is N live at Mo: i.e. is every transition live at Mo? 
The Sub-Liveness Problem (SLP): Given a Petri Net, an initial 


marking Mo and a transition t of the net, is t live at Mo in N? 


Let us recall that a transition is live at My iff no t-dead marking is 
reachable, where a marking M is said to be t-dead iff no firing sequence 
Starting at M can ever fire t, or alternatively, if t is not potentially 
firable at M (see Definitions 2.9, 2.10 and 2.11). 

Thus SLP appears to be an instance of the General Reachability 
Problem applied to the set of t-dead markings, if we can show that this 


set is RP-solvable. 


Let D. be the set of t-dead markings of a given Petri Net: 
D. = {M € NZ | tis not potentially firable at M} 
The most important property of this set is its monotonicity (Definition 


2.27): 


Lemma 5,1 


The set D, of t-dead markings of a given Petri Net is monotone: 


(M'<M & M €D,) > M' €D, 
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Suppose M' is not t-dead, i.e. there exists a firing sequence 
starting at M' which fires t. By the containment property (Theorem 
2.1), this firing sequence is also firable at the larger marking 
M 2M'. But this contradicts the assumption of t-deadness of M. 


QED 


From Theorem 2. 11(a) we conclude that D, being monotone, must be 
semilinear, And if the chain-completion Dr (see Definition 2.29) is 
effectively pesuEsive: i.e. if, givena Petri 1 Net, we can decide member- 
ship in De then D, is effectively semilinear. 

From Theorem 2.7 we get the following characterization of the chain- 


completion of D 


DP = (ve a? | MeN: Ma Vv > M€D)} 


If we compare this characterization with the definition of a t-dead sub- 


marking (Definition 2. 21) we conclude that: 
Do = {v € a" | Vis t-dead} 


Thus, the chain-completion of the set of t-dead markings is simply the set 


of t-dead submarkings. t All that remains to be proved is: 


Lemma 5.2: 


It is decidable whether a given submarking V is t-dead, for a 


t In general, Theorem 2.7 implies that if A is a set of markings having a 
certain property ®, then its chain completion is the set of submarkings 
having the property P' which is the strong extension of property P. We 
encountered a similar situation in Chapter 3, for the property of 
coverability. 
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given transition t in a given Petri Net N. 


Let P be the support P(V) of submarking V, i. e. the set of places 
on which it is defined (finite coordinates of V). Then V is t-dead in N 
iff V is t-dead as a marking of the subnet N p Indeed, for any firing 


sequence starting at V in the subnet N,, we can find a marking M = V 


P 
at which the same firing sequence is firable (Theorem 2, 2(b)) in the 


net N. Thus (V not t-dead in N > (M not t-deadin N) > (V not 


p) 
t-dead in N by definition), And if no firing sequence involving t is 
possible from V in the subnet, then a fortiori no such firing sequence 
is possible in N at anyM s V. | 

But now Corollary 3.1 says that the t-déadness of V in Np is 
decidable. Hence the t-deadness of V in N is decidable. 
QED 


Now we can assert: 


Theorem 5,1: 
Liveness (both LP and SLP) is recursively reducible to 


Reachability. 


LP is a finite number of instances of SLP, one nee transition. 

Since the set of t-dead markings D, is monotone (Lemma 5. 1) and its 
chain-completion, the set of t-dead submarkings Dr is effectively 
recursive (Lemma 5.2), D, is effectively semilinear, by Theorem 


2.11(b), and hence RP-solvable, by Theorem 4.2. This means that 
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the question of deciding whether some t-dead marking M € D. is 
reachable, i.e. the SLP, is recursively reducible to the Reachability 
Problem (Definition 4.1). ‘ 


QED 


We should point out, however, that the reliance on the semilinearity _ 
of D, may be considered overkill. The characterization of D, given by 
Theorem 2.8, on which the claim of semilinearity is based, is in terms 


“~ 
of the finite set De of maximal elements of Dr. We may call this the 


set of maximal t-dead submarkings: 


a 
DD = (Vy. Vy, l1<is<k: V, is a maximal element of Di} 


Then we have: D, = {M € IN’ |M<V, or... or MS V,}. Nowa 
simple modification of the construction in Figure 4,1 can be used to 
reduce reachability of some marking M s V; to reachability of zero, and 
thus reduce SLP to k instances of ZRP applied to this construction, once 
for each maximal t-dead submarking V. 1sixk. We leave the details 
as an exercise for the reader. 


Now we shall prove that the converse reducibility also holds. 


Theorem 5.2: 
(a) Reachability is recursively reducible to Liveness. 


(b) Reachability and Liveness are recursively equivalent. 


Proof: 
(a) We shall reduce the Single-Place Zero-Reachability Problem 


(SPZRP) to the LP. This is sufficient in view of the equivalence 


of RP and SPZRP, from Theorem 4.1. Let N be a Petri Net in 
which we wish to test whether a given place Pp, can ever ‘become 
empty, for a given initial marking. 

As shown in Figure 5.1, we construct a new net N by adding 
to a copy of N the following: 


- a'run" place Py which self-loops on every transition of N. 


a transition % which may remove the token initially 
present in Po: 
- a transition 6, which transfers a token from the test place 


p,; to a new place 7. 


a transition & which aelf-loops on 7 and deposits tokens 
on all places of the net, including Po and P;- 
The operation of Nis as follows. As long as neither 8 nor 
8, has fired, it behaves exactly like N. If, at any time, we fire 
) 


0 
unless P; contains at least one token, which may fire 6, + 


before having fired 6, then the whole net Nis frozen dead 


If, at any time whatsoever, we fire 6, we place a token on? 
which cannot disappear. Now 85 is permanently firable, and can 
generate enough tokens to fire any arbitrary firing sequence. It 
follows that any killing sequence for N must end at a marking where 
P; is unmarked. Conversely, if such a marking is reachable by a 
firing sequence Oo, then T% is a killing sequence, Thus N is live 
iff place Pp; Cannot become unmarked in N. 

(b) This follows from (a) and from Theorem 5.1. 


QED 
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Figure 5.1 
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Corollary 5.1 


The LP and the SLP are recursively reducible to each other. 


The LP is a finite number of instances of SLP, one for each 
transition. On the other hand, SLP is reducible to RP by Theorem 
5.1, which is in turn reducible to LP by Theorem 5.2(a). This is 
why Theorem 5.2(b) simply states equivalence between iavencas 
(LP and SLP) and Reachability (RP, SRP, ZRP, SPZRP-:::-), 

QED 


In Hack [20], we give a direct proof of the reducibility of SLP to LP. 
Essentially, we show that in a Petri Net, any transition can be replaced 
by a construction in which every transition is live by construction, and 
such that this modified Net behaves exactly like the original Net. The 
trick is that some specific patterns of firings of the new transitions have 
an effect on the rest of the Net identical to the firing of the old transition, 
whereas other patterns have a zero effect on the rest of the Net. Then 
we test the liveness of a particular transition t by replacing all other 
transitions by such guaranteed live constructions. The resulting Net 
will be live iff the remaining original transition is live, and thus we test 
the liveness of this transition by testing the liveness of the whole new Net. 
The construction increases the size of the Net by a small linear factor 
(~ 6). 

An interesting corollary of this is that any non-live Petri Net can be 


Simulated in this way by a live Petri Net. 


Historical Note: 7 

As early as 1970 (R. C. Holt, [29]), it has been conjectured that 
Liveness was reducible to Reachability. Keller investigated the 
problem in his 1972 report [34]. He observed the decidability of 
potential firability (which he called "pseudo-liveness'"'), as well as the 
(reverse) monotonicity of the set of markings at which transitions are 
potentially firable, and he guessed (correctly) that this property would 
be useful in reducing liveness to reachability. 

Our breakthrough (in 1973) was the realization that the possibly 
infinite set of t-dead markings (at which t is not potentially firable) 
could be described by a finite number of t-dead submarkings, thus 
reducing the SLP to a finite number of instances of the SRP 
(Hack, [20,21]), It was from that proof that we subsequently 
abstracted the properties of monotone sets and their chain-completions 
described in section 2.6. The separation of these lattice-theoretic 
aspects from the Petri Net aspects of the proof, and the introduction 
of the General Reachability Problem, considerably simplified the 


proof. 


The following example illustrates the use of t-dead saktiavidage: 

When we say that a submarking V is t-dead, we essentially say that the 
potential firability of transition t depends only on the marking of a certain 
subset of the places, namely the support of V._ If this submarking is too 
small, then t will never be firable regardless of how large the marking of 
the other places is. 

In the net of Figure 5,2, if Py is blank, no amount of tokens will make 


ty potentially firable; if Po is blank, it must receive a token via a firing 
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of t,» to fire tos and therefore we can see that the only t, ~dead markings 
are (1,0), (2,0), and all markings of the form (0, x), where x € NN. 

But these markings (0, x) are precisely all markings which agree with the 
submarking P; = 0, which we write as (0, ), and two markings (1, 0) and 
@,0). As it turns out, neither of the two markings (1,0) and (2, 0) is 
reachable, since if ty does not fire, there will always be more than 4 
tokens in Py» and after t fires, Po will always contain at least one token. 


The submarking (0,W) is also not reachable since no firing of t, or ty 


1 
changes the parity of the marking in Py: Since M (Py) is odd, we cannot 
reach a marking with zero tokens in Py: The conclusion is that ty is live 


at My = (5,0). 


5.2 Persistence 

As in the case of Liveness, there are essentially two decision problems 
to consider: 

The Persistence Problem (PP): Is a given Petri Net with a given 
initial marking persistent? 

The Sub- Persistence Problem (SPP): Is a given transition t 
persistent in a given Petri Net at a given initial marking? 

And since a Net is persistent iff every transition is persistent, it is 
clear that the PP is just a finite number of instances of the SPP, one for 
each transition. 

But in contrast to the previous section, we have not been able to reduce 
the SPP to the PP. This is because persistent Nets have special 
properties which restrict their generality in a significant way, whereas 
live Nets can "simulate" arbitrary Nets as indicated at the end of the 
previous section. In particular, Keller [35] has shown that Liveness is 


decidable for persistent Nets, and we have some evidence that the 
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Reachability Sets of persistent Nets are effectively semilinear. and 
that persistence of a Petri Net is in fact decidable. - 

In this section we shall show that the SPP is recursively equivalent 
to the RP. . We do in fact conjecture that the RP is decidable (see 
Chapter 11), but our conjecture for the decidability of the PP is totally 
independent of the RP, and is, in our opinion, also closer to being 
settled. 


Let us recall that a transition is persistent in Ry (Mg) iff; 


vu #1; YM €R\(Mp): [M2 F(t) & M 2 F(t!) 
=> M 2 F(t) + F(t') | 


This can be rewritten as: 


t not persistent in Ry (My) * 3M €R (M,)) 1 A 
where _ 
A = U,, ({M IM = F(t)} O {M|M 2 F(t')} A 
{Mm |M + F(t) + F(t')}) 


In other words, A is a semilinear set (see corollary 4.2 and Theorem 2, 9) and 
RP-solvable, by Theorem 4.3. It follows that t-persistence is reducible 


to the General Reachability Problem: 


Theorem 5. 3: 
Persistence (both PP and SPP) is recursively reducible to 


Reachability. 


—— 


ok ip te ee ee eR ge . 

The semilinearity of persistent Reachability Sets. has recently been proved by 
Landweber and Robertson in ''Properties of Conflict-Free and Persistent Petri 
Nets", TR #264, Computer Science Dept., U. of Wisconsin, Dec, 1975. 
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It should be observed that the related problem of whether a given 
transition can ever disable another transition can similarly be reduced 
to the GRP. 


Now we shall show that the reverse reducibility also holds for the SPP, 


i.e. persistence of a given transition, — 


Theorem 5.4: 
(a) Reachability is recursively reducible to the Persistence of a 
given transition (SPP). 


(b) The SPP is recursively equivalent to the RP. 


(a) We shall reduce the SPZRP tothe SPP. Let N be a Petri Net 
(with its initial marking) in which we wish to test whether a given 
place, say Py» can ever become unmarked. The construction 
required is quite trivial; We simply add a transition % which 
self-loops on the place to be tested for zero, i.e. Py- If Py is 
initially unmarked, the SPZRP is trivially affirmed. Otherwise, 
8% is enabled as long as Py is marked, and can only be disabled if 
Some other transition eventually removes the last token from Py 
Then 8p is persistent iff p, cannot become unmarked, 

(b) This follows from (a) and Theorem 5, 3. 

QED 
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CHAPTER 6 
UNDECIDABILITY AND WEAK COMPUTATION 


6.1 The First Undecidability Proofs for Vector Addition 
Systems and Petri Nets 


When Vector Addition Systems were first developed, it was believed 
that all Reachability Sets would be semilinear. Because of the 
connection between semilinear sets and Presburger Arithmetic, a 
decidable first-order theory, most questions about Vector Addition 
Systems and Petri Nets would then be decidable, including the 
Reachability Problem (still open) and the Inclusion Problem (in fact 
undecidable). But in 1967 M. Rabin [56] showed that this is not the case: 
he exhibited a non-semilinear Reachability Set, and showed that the 
problem of deciding whether one Reachability Set is a subset of another 
Reachability Set (the Inclusion Problem) was undecidable, by reducing 
the unsolvable problem of finding the roots of exponential diophantine 
equations to it, In 1970 the corresponding problem for diophantine 
polynomial equations (Hilbert's Tenth Problem) was shown to be 
undecidable, and Rabin presented a new proof of his Theorem in a talk 
at MIT in 1972. Rabin never published his proof, but an account of his 
1972 talk can be found in Baker [4], We presented a Petri Net version 
of this proof in Hack [20] and, on the occasion of publishing our proof of 
the undecidability of the Equality Problem for Reachability Sets 
(Hack [(23]), we broke Rabin's proof down into several relatively 
independent steps, each of which may be interesting in its own right. 


This is also our approach in this and the following chapter. 
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6,2 Diophantine Polynomials and Hilbert's Tenth Problem 


Hilbert's Tenth Problem can be stated as follows: 


Given a polynomial of several variables P(x, oe x) with integer 
coefficients, does it have an integral root, i.e. does there exist a 


n 7 
vector (x, Sass x. € Z° such that P(x, ... x.) = 0? 


It is one of 23 mathematical problems that D. Hilbert [26] proposed to 
mathematicians at a eanzeese in 1900. Many of these were subsequently 
solved or proved undecidable, and the Tenth, despite its very simple 
formulation, was one of the toughest. Inthe U.S.A., Davis, Putnam and 
Robinson [10] showed that the corresponding problem for exponential 
polynomials (with variables allowed as exponents) was undecidable, and 
that if the integral roots of ordinary polynomials could grow like an 
exponential function of the coefficients Hilbert's Tenth Problem would 
also be undecidable, In the USSR, number theorists had been aware of 
such properties of the integral roots of polynomials quite early, but only 
in 1970 did Yu. Matijas'evié [40] bring the two lines of inquiry together 
and thus demonstrated the undecidability of Hilbert's Tenth Problem. 

For our purposes, we prefer to restrict our attention to the non- 


negative integers, 


Definition 6.1: 
A diophantine polynomial P(x, ae x,) is a polynomial of several 


variables with non-negative integer coefficients. 


Definition 6.2: 


The graph of a diophantine polynomial P(x, ... x) is the set:. 
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G(P) = { (xy. eee, xy) EN! ly s P(x, .-. x,)J 


The version of Hilbert's Tenth Problem we shall uSe in our 
undecidability proofs is what we call the Polynomial Graph Inclusion 
Problem (PGIP): 


Given two diophantine polynomials P and Q with the same number of 


variables, do we have G(P) © G(Q)? 


Theorem 6. 1: 
The Polynomial Graph Inclusion Problem is recursively 


undecidable. 


We shall reduce the undecidable Hilbert's Tenth Problem to the 

Polynomial Graph Inclusion Problem. 

(a) We can restrict the arguments of the polynomials to the non- 
negative integers. Indeed, P(x,, Sealy x) = 0 has a solution in 
Z if and only if one of the a polynomials obtained by replacing 
some variables by their negative has a Solution in IN. 

(b) Any root of P(x,, Evils x) is also a root of P(x, bees x) and 
ee versa, Hence we can restrict our attention to polynomials 
whose range is in IN, | 

(c) By separating the positive and the negative coefficients of a poly- 
nomial whose range is non-negative, we get two polynomials 
Q,(x,, bled x,) and Qo (x;, eee x): each with non-negative 
“integer coefficients, Such that: 


\ 
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Vx x € WN: Q,(x)> eee, x) 2 Q,(x,> eoeey x) 


1’ ‘@eeg n 
There exists an integral root to the original polynomial if and only if 


AXys eees X € WN: Q,(x,, aes x) = Qo (x, sie uis x). 


Now let us consider the following two polynomial graphs: 


G(Q,) = {¢x,, eget xy € worl ly Q (xp eee x} 


G(Q, + 1) = {<x,, eis xy) é wetl lys1+ Q, (x), er x} 


From this it follows that: 


[Vx,, ones x07 € IN: 


G(Q, +1) ¢ G(Q,) 
woes X))] 


(y $ Qy(x,, ete x +1 > y = Q, (x), 
© 4x,, soon XY EN: 
Q, (x, eS : 1+ Q,(x,, cons X,) 


Combining this with the fact that Q, never exceeds Q) this implies 


G(Q, + 1) c G(Q,) @ AX, ees XY € N: 


y= 1+ Q,(x), oces X,) = 1+ Qo(x,, eves Xn) 


In other words, Hilbert's Tenth Problem is decided in the negative if 


and only if the corresponding PGIP is decided in the affirmative, thus 
proving the undecidability of the PGIP. 
QED 


Remark: 


The Polynomial Graph Equality Problem (PGEP) is clearly 


decidable, because two polynomial graphs are equal iff the two 
. diophantine polynomials take the same value for every argument, 


which is possible if and only if the two polynomials are in fact the 
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same polynomial. We have thus a striking example of a family of 
sets where equality is decidable, but inclusion is not. 
It is also not difficult to prove that Hilbert's Tenth Problem is not 


only reducible to the PGIP, but is in fact recursively equivalent to it. 


- In the next section we shall show that Petri Net Reachability Sets can 
express polynomial graphs, Actual undecidability proofs will be 


presented in Chapters 7 and 10. 


6.3 Weak Computation by Petri Nets 


In order to relate Hilbert's Tenth Problem to Petri Nets, we must 
show how Petri Nets can compute polynomials, in Some sense. Usually, 
an automaton used to compute a function is given its arguments in some 
form, and started in some "initial" state. If and when the automaton 
halts in some "final" state, we can recover the computed value, for 
example by reading the contents of a certain register. Such an 
automaton is usually thought to be deterministic, or at least functional in . 
the sense that all halting computations produce the same result. But the 
non-determinism associated with the set of possible firing sequences in 
a Petri Net is essential to the power of Petri Nets. In fact, if we only 
consider Nets whose firing sequences are monogenic (''deterministic" 
Petri Net, where at every reachable marking only one transition is 
firable), then all the problems mentioned so far are decidable (the reach- 
ability sets will be ultimately periodic or finite). 

So, in order to get any non-trivial functions, we have to modify our 
idea of a computation. Following Rabin, we shall say that a non- 
deterministic automaton weakly computes a function f(x, Secs x) iff the. 


maximum output value over all computations starting with the argument 
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Kyo eees X, is f(x), ---, X,). : 

This definition makes sense only if the range of output values over all 
computations starting with a given axoumient is finite. There are thus 
two ways in which a weakly computed function may be undefined for a 
given argument: If there are no computations, i. e. no "final" state is 
reachable, or if there are computations which produce arbitrarily large 
output values for a given argument. | 

In this chapter we shall make ‘he: further assumption that every 
reachable state is a "final" state, so that every execution sequence 
(including the empty one) is a computation sequence, and every prefix of 
a computation sequence is also a computation dequence: We may call 
this the prefix interpretation. 

There are several — in which a Weak Computer can be represented 
ina Petri Net. The coding of the inputs is usually straightforward: A 
certain number of places, say p, ... Pp,» are designated as "input" 
places of the net, and the initial marking is predetermined in the 


remaining places p The initial marking of the input places is 


nt+1°*** Pr: 
the argument x. tees x): Every firing sequence starting from the 
initial marking is considered a computation. 

The output of a Petri Net Weak Computer can be defined in several 
useful ways. In Rabin's proof (as translated into Petri Nets) and in 
Hack [20], the output was defined as the largest marking reached ina 
designated "output place", In Hack (23] it was found more convenient to 
use a distinguished "count" transition whose largest number of firings 
was defined as output. Now we wish to use the length of the longest 


firing sequence as output, in effect declaring every transition to be a 


"count" transition, The main reason is that this definition permits the 
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same construction to be used in proofs about Reachability Sets 

(Chapter 7) and in proofs about Petri Net Languages (Chapter 10). 

Since every transition firing counts, there is no "invisible scratchwork" 
in such a Weak Computer. 

The class of functions weakly computable by Petri Nets may depend 
on the output convention. It is easy to see that the "output place" and 
the single "count transition" conventions are equivalent, and that every 

‘function weakly computable in the firing sequence length sense is also 
weakly computable in the "output place" sense (just add a new place 
which gets one token from every transition firing). It is not known 
whether every fonction weakly computable in the "output place" sense is 
also weakly computable in the "firing sequence length" sense. Because 
of this, we shall call a Weak Computer in the "firing sequence length" 
sense a A-free Weak Computer. This terminology is borrowed from 
Petri Net Language theory, where a )-transition is an "invisible" or 
"internal" transition whose firings do not explicitly show up in the output 
of the net. 

We shall thus define a Petri Net Weak Computer in the )-free prefix 
interpretation, Because of the containment property (Theorem 2.1) of 
Petri Nets, any computation with a given argument can also be carried 
out with any larger argument. This means that only non-decreasing 
functions (in every variable) can be weakly computed by a Petri Net 
under this interpretation. 


Note: 


In the remainder of this thesis, we shall interpret Petri Net Weak 


Computer as )-free prefix Petri Net Weak Com uter. 
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Definition 6. 3: 
A Petri Net Weak Computer (in the \-free prefix interpretation) 
for a (non-decreasing) function f = IN" ~ IN of n variables 
x, eee 
properties: 


Xn is a Petri Net with r 2 n places and the following 


(a) The initial marking Mo agrees with a fixed submarking 
Mo/{Pi41° cae p,} of the non-input places, and encodes the 
argument in the input places by Mo/{p,, ed tize. Pt = 
x) re ? ‘ | 

(b) For every initial marking as described in (a), there exists a 


longest firing sequence of length {(x,. Swids x). 


Note that there may also exist firing sequences of length shorter than 
f(x,, ais x,) which nevertheless cannot be continued. 

Now we are going to show that diophantine polynomials are weakly 
computable by Petri Nets in the sense of Definition 6.3 (and hence also 
by the less restrictive earlier definitions of Petri Net weak computability). 
A polynomial P(x, wet x,) is a finite sum of monomials: 

k 
P(x; +... %,) = Pt (M(x, ++ X)) 


where each monomial is of the form: 
n 
B. . 
ees eee ee 
n) J j=1 2 


The a are poSitive integer coefficients and the B. j are non-negative 
zd 


Mie, 
integer exponents. We shall first show how to compute monomials, and 


then how to add them together. 


The basic "circuit element" will be the elementary multiplier, 
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illustrated in Figure 6.1. 


Figure 6.1 


This net consists of two control places 7 and, exactly one of which 
may contain a token initially in? Two transitions a and a' transfer the 
token between 7 and ™ and each time transfer one token from place p, 
which initially contains x tokens, to place p' (initially unmarked). Two 
transitions b and b', which self-loop on T and 7 respectively, shuttle 
tokens between places q and q'; originally, q contains y tokens, It is 
easy to see that a and a' can together fire only x times, and between a 
and a', or a' anda, either b or b! can fire at most y times; the longest 
firing sequence achieves these oper bounds and fires a total of x times 
in {a, a'} and a total of x - y times in {b, b'} for a maximal firing sequence 
length of x- (y+ 1); this leaves x tokens in place-p'. 

As used in the construction which follows, places p and q may be 


initially unmarked, but will receive up to x and y tokens respectively. 
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The maximal firing sequence is then achieved by waiting until all tokens 
have arrived; if firing starts before, it can only diminish the achievable 
sequence length, never increase it, Since we are only interested in the 
longest firing sequence, it will not be necessary to impose a certain 
sequencing on the various elementary multipliers, because the described 


sequencing will be maximal. 


Lemma 6.1: 


For eachi € IN’, there exists a Petri Net S, with the following 


i 

properties: 

(a) It is a )-free Weak Computer (Definition 6.3) for the 
polynomial (x, + 1)(x5 +1)°°- (x, +1) - 1, with input places 
Py +: P;- | | 

(b) It also has i "output" places PL oes Ph initially unmarked, 
into which the tokens from the corresponding "input'' places 
P, +++ P; are transferred during the computation, i.e. each 


' time a token is removed from Pj 1<j<i, a token is 


deposited in Py 


We first note that such a net has the property that after a maximal 
firing sequence, the argument initially in Py oes Py is now in Pj +s: Pi. 
The proof is by induction. 


The net Ss consists of places Py Pi and transition a, which simply 


1 
transfers tokens from P, to P} (Figure 6.2a). For an initial marking 


of Xy tokens in Py ( and zero in P}) the longest firing sequence is 
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Figure 6.2a 
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Figure 6.2b 
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clearly of length (x, +1)-1. 
Inductive Step: 

We are given the net S;. We construct S; +1 by adding the 
"elementary multiplier" of Figure 6.1 with places and transitions 
indexed i+1. Then we let every transition of Ss. (i.e, transition ay 

and, for all j, 2 <j <i, transitions ais al, b and bi) deposit one token 
in place q,,4 (Figure 6. 2b). 

It is easy to see that the longest firing sequence is obtained by 
first firing a maximal firing sequence in S.. This puts the largest 
number of tokens y into Wa and accounts for the first y firings, 
pere & 
into places Py diets Pi. Then the "elementary multiplier" fires its 


where y = (x, + 1)(x, +1) ee. (x, + 1)- 1. It also copies x 


maximal sequence, of length Xi 


The total length is thus Xv + lbt+y = (X44 +1y+1)-1 = 


,(y + 1), and transfers x, , to pi,,- 
(x, + Ixy + 1) eee (x + 1G + 1) - 1 


QED 


Lemma 6,2: 
For every diophantine monomial, there exists a Petri Net Weak 
Computer for it which also copies its argument into "output" 


places, as in Lemma 6.1. 


Proof: ‘ 

ae B, By 8B, 

Such a Weak Computer for monomial @ + Xp ° Xp te XK, is 
obtained from Petri Net S,, i= 1+ B, + 8, teen t 8. by simple 
modifications as illustrated for the example 3 ° x? * y, where the net 


S, (Figure 6. 3a) is transformed as shown in Figure 6. 3b. 
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Figure 6, 3a 


input i 
Output 1 
npur 2 output 2 


"start" "run" 


Figure 6.3b 
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(a) Place Py is marked with @-1, in this case 2 tokens. 
(b) Repeated multiplication of one variable (exponentiation) is 
achieved by identifying the "output" place of one level (in the 
inductive construction of s;) with the "input" place of the next 
level. In this case, Py is the x input; P3 and Py are the same 
place, initially unmarked, used for multiplying again by x, and 
P3 is now the output associated with x. 
(c) We adda "run" place which self-loops on every transition in S. 
and a "Start" transition which puts a token into the "run" place 
and removes a token from every P; place used as an input for a 
monomial variable (in this case, p, for x and p, for y). The 
start’ transition also adds one token to every monomial "output" 
place (in this case, P3 for x and P4 for y), to restore the correct 
argument at the end of a maximal sequence, 
- This construction functions as follows. Recall from the proof of 
Lemma 6.1 that the maximal firing sequence is obtained by first 
consuming tokens from Py: then from Po, ete. The length of the maximal 


firing sequence of S, is thus (x, + 1)(x, + 1)(x, + 1)(x, + 1)-1, where 


4 


x; is the marking of P; prior to the firing of level-j transitions in S 4° 


Thus x, = 2. Since nothing can fire until "start" has fired (which, 


incidentally, implies x -y # 0), we have x, = x-landx,~=y-1. The value 


of Xe is also Xg = Xo = x-1 because, in the maximal firing sequence, 
level 3 starts firing only after jevel 2 has transferred all tokens from Po 
to pj, which is the same place as p,. By counting the "start" firing, we 
get a maximum total of (2+1)(x-1+1)(x-1+1)(y-1+1) - 1+ 1, or 3° x2 ys 


as desired. At the end of such a maximal sequence, the argument , y) 


has been copied into the "output" places p}, and p}. 
QED 
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Lemma 6.3: 
Every diophantine polynomial can be weakly computed by a Petri 


Net for all positive arguments in the sense of Definition 6. 3. 


We construct a )-free Petri Net Weak Computer for the polynomial 
by concatenating the Petri Nets corresponding to its monomials, in 
some Summing order, as shown in Figure 6.4 for the example 
3° x” “y+2+y*+z+x+z+2. We identify the output places of one 
monomial computer with the corresponding input places of the next 
monomial computer. We also let the "start" transition of each 
monomial computer (except the first) remove the token from the 
preceding "run" place. This enforces the summing sequence and 
makes the operation easier to follow, although it is not essential. It 
will be useful in later applications, however. Finally, we allow for 
some extra firings to account for the constant term. The 
maximum firing sequence requires that each monomial Net be 
maximally fired; this makes a full copy of the argument available for 


the next monomial Net, if the argument was poSitive. 
QED 


The reason we restrict the argument to be poSitive is that, for a given 
summing order, certain zero arguments can prevent the transmission of 
some positive variables to non-zero monomials later inthe sum. This 
happens in the example above if x (or y) is zero and y (or x) and z are 
positive. For &,y,z) = 0, 1,1) there should be a firing sequence of 


length 4 when, in fact, only the constant can fire (length 2), But this can 
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be avoided, as we show in: 


Theorem 6, 2: 
Every diophantine polynomial can be computed by a Petri Net 


Weak Computer (for all non-negative arguments). 


Proof: 

For every subset of zero-valued variables there is at least one 
way of summing the monomials of a polynomial by the construction 
used in the proof of Lemma 6. 3*) So we simply permit several 
possible orderings of the monomials. For every such erdenne: we 
construct a Petri Net as described for Lemma 6.3, for the non- 
constant monomials. We add a "begin" place which initially 
contains one token, and which is an input place to the first "start" 
transition of every component fixed-order-summation net, All input 
places are shared, i.e. we identify input places corresponding to the 
same variable; these are the input places of the new net. The 
"begin" place enforces that exactly one summation order takes place, 
Finally, there is a transition for evaluating the constant term (see 
Figure 6.5.) 

Now, for every non-negative argument, there is at least one 
component whose maximal firing sequence combined with that of the 
constant evaluation is of length P(x, coe xn) and no component has a 
longer maximal sequence. Since only one component can fire, the 


construction achieves the desired objective. 
QED 


*) For example, by adding those monomials which would be zero last. 
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In the next chapter we shall see how such a Weak Computer can be 
used to generate polynomial graphs as the projection of Reachability 
Sets, and in Chapter 10 it will be used to encode polynomial graphs as 
Petri Net Languages. In both cases, this forms the basis of the various 


undecidability proofs. 


Remark: 

Many different constructions are possible for weakly computing 
polynomials. All are more or less awkward if they have to be fully 
general, For a given polynomial it is often possible to "customize" 
the construction and end up with a smaller and more elegant Petri Net. 
It should be pointed out that the complexity of the construction 
presented here is due to the more restricted "firing sequence length" 
interpretation of weak computation by Petri Nets. Even though it is 
orders of magnitude more efficient than the construction proposed in 
Hack [24] for Petri Net languages, it is still of "size" K - Nn? in terms 
of the ''size"’ of the polynomial, whereas a construction uSing the 
"output place" interpretation of weak computation would be of "size" 
K -N, fora reasonable definition of the notion of the ''size" of nets 
and polynomials, such as total number of arcs in a net and sum of all 


exponents in a polynomial. 
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CHAPTER 7 
INCLUSION AND EQUALITY PROBLEMS FOR REACHABILITY SETS 


7.1 The Decidability Problems 


In this chapter we investigate the problem of comparing the 
Reachability Sets of two Petri Nets A and B, each with a given initial 
marking. If A and B have the same number of places, and if these 
places are indexed 1... rin both nets, we can compare their Reach- 
ability Sets R(A) and R(B) directly. Given such A and B: 

The Inclusion Problem (IP) is the question of whether R(A) © R(B). 
The Equality Problem (EP) is the question of whether R(A) = R(B). 

Sometimes we are only interested in comparing the Reachability Sets 
restricted to a certain subnet in each Petri Net. In this case we must 
have two subnets of the same number of places, as well as a bijection 
between these two subsets of places, in order to be able to compare sub- 
markings; the nets themselves need not have the same number of places, 
Without loss of generality, we shall assume that the subnets consist of 
the first n places of two given Petri Nets A and B. Now we compare the 


projections of the Reachability Sets on the first n coordinates: 


Definition 7. 1: 
The projection on the first n coordinates of a set WC IN’, where 
r2n, is the smallest set P(W) ¢ IN” such that WC P (Ww) x 


nw", 


Thus each vector in Pt W) consists of the first n coordinates of some 


vector in W. The Xin the definition represents the cartesian product. 
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We also use Xto denote the "concatenation" of two vectors: if V € IN" 
and V' € IN’ ", then V x V' denotes the vector in IN’ which is the 
element of the singleton set {Vv} x {v'}c IN’, Thus, every vector in W 
is the "concatenation" of a vector in the projection P{W) and some 
arbitrary vector of r-n coordinates, 

Let A and B be two Petri Nets with their initial marking, such that 
they both have at least n places (but not necessarily the same number): 

The Subspace Inclusion Problem (SIP) is the question of whether 
P (R(A)) & P_(R(B)). 

The Subspace Equality Problem (SEP) is the question of whether 
P (R(A)) = P_(R(B)). 

In the next sections we shall show that these four problems (IP, EP, 
SIP and SEP) are all undecidable, because the PGIP, which is undecidable 
- by Theorem 6.1, can be reduced to them. Figure 7.1 shows the various 
reducibilities; thin arcs are the trivial reducibilities of a special case to 


a general case. 


7.2 The Subspace Inclusion Problem (SIP) 


Now we shall use the fact that Petri Nets can weakly compute 


polynomials. 


Lemma 7.1: 
Given a polynomial Q(x,, . Se ‘ x,) with tionsnegative integer 
coefficients, there exists a Petri Net A such that the projection of 
its reachability set on the first n + 1 coordinates is the graph of 
(R(A)) = G(Q). 


Q: Phi 
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Theorem 7.1 


(undecidable by Theorem 6.1) 


Theorem 7.3 © 


transition 
in B 
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Let B be a Petri Net Computer for polynomial Q, as described in 
Chapter 6, with a "begin'' place as used in Theorem 6.2. If Bhasr 
places, let us index them from n+3 through r+n+2 such that 


z We "! s 
Puepcee Po nt? are the "input" places for variables Xypeee Xe and 


that py,3 is the "begin" place. The initial marking of B's places is 
as constructed in Chapter 6, except that the "begin" place and all 
"input" places are initially unmarked. Thus no transition in B can 
fire until the "begin" place receives a token. 

To construct Petri Net A, we take this copy of B and add n+2 places 


Py +++ Pryo and n+1 transitions Bg ses 6. (see Figure 7.2). Place 


Prrg is initially marked with one token; places Py se* Poyy are 


initially unmarked. Transition on) transfers a token from p to the 


n+2 
"begin" place of B, Pony3? Each transition @,, 1 <i<n, selfloops on 


Pate and, at each firing, deposits a token into place P; and into the 


jth input place of B, p Finally, place Pes receives one arc 


1 
from every transition in B, and thus collects a number of tokens equal 


n+2+i' 


to the length of a firing sequence in B. 

But before any transition in B can fire, 6) must fire, and before 
that only the 6. 1 Sin, could fire. Suppose each 95. 1 Sidn, fires 
x, times before 9% fires. Then places P, ++ P, are marked with the 
argument &, see x? with which B starts to compute, and generates 
Thus: 


anywhere between zero and Q(x, eee x,) tokens in p 


(R(A)) = G(Q). 


n+1° 


Pat 1 
QED 


From this follows: 


ae 


Theorem 7. 1: 
The PGIP is recursively reducible to the Subspace Inclusion 


Problem (SIP). 


Given two polynomials with non-negative integer coefficients we 
construct two Petri Nets whose projected Reachability Sets are the 
graphs of the respective polynomials as indicated by Lemma 7.1. 


Then a test for the SIP will also decide the corresponding PGIP. 


QED 


Corollary T.1: 
The SIP is undecidable, 


This follows from the undecidability of the PGIP (Theorem 6,1) and 
the reducibility of the PGIP to the SIP (Theorem 7, 1). 
| QED 


Remark: 
We could easily prove now that the SEP is also undecidable. 
Indeed, projected Reachability Sets are closed under union: If A and 
B are two Petri Nets, each with at least n places, then there exists 
a Petri Net C such that P(R(C)) = P (R(A)) U P_(R(B)). Such a net 
C can be constructed by adding a "run" place to A and another "run" 
. place to B, both initially unmarked, a new "begin" place initially 
marked with one token, and two transitions which transfer the "begin" 


token to one or the other "run" place. Finally, we identify the n first 
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places of A and B and let them be the n first places of the new net C, 
Now we can uSe the fact that P(R(A)) c P_(R(B)) > P (RA) U 
P(R(B)) = P_(R(B)) to reduce the SIP to the SEP, thus proving the 
undecidability of the SEP. 

The undecidability of the SEP will of course follow directly from 


our proof of the undecidability of the EP in section 7. 4. 


7.3 The Inclusion Problem (IP) 
Now we shall show how we can modify Petri Nets of r places to 
"forget" the marking in r-n "uninteresting" places and thus reduce the 


SIP to a comparison of complete Reachability Sets, the IP. 


Theorem 7.2: 


The SIP is recursively reducible to the IP. 


Suppose we are given two Petri Nets of r and r' places, 
respectively, and we wish to test, for the two projections on the first 
r coordinates of the respective Reachability Sets, whether one is a 
subset of the other, 

First, we note that we can always add lr -r'! | places to the smaller 
net (without renumbering the original places) to get two nets with the 
same number of places, say r. If we don't connect these Ae places 
to any transitions, we will not change the Reachability Set as far as 
the old places are concerned, and thus-the problem is reduced to the 
following: | 


Given two Petri Nets A and B of r, r 2n, places each, is 
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P (R(A)) © P_(R(B)) ? 


We shall modify both nets by adding two new places Pri and Pra 
to each net, and we shall modify the Reachability Sets in such a way as 
to make the inclusion depend only on the first n coordinates. 

Specifically, the modifications are shown in Figure 7.3. Petri Net 
A' differs from A only in the two additional places, which are 
permanently marked (0,1). Therefore we have: 

R(A') = R(A) x {0,1)} 
Petri Net B' is obtained from B by similarly adding two new places 


and p which are initially marked 4,0), But B' also contains 


Pro 


several new transitions: a transition 8 which carries a token from 


r+2’ 


Pp, to P.49° and, for each "uninteresting" place P,» ntl sisr, two 
transitions 4, and Gy. 9 removes a token from P; and 6; deposits a 
token in Py and both 6 and 6t self-loop on Pro? Finally, place Prat 
self-loops on every transition of B. Thus Pri plays the role of a 
"run" place for the "old" transitions and P49 Plays the role of a "run" 
place for the "new" transitions. 

sie long as % has not transferred the token from p rei °° Pryoe B! 
behaves like B. But after 8 has fired, the "old" transitions are 
frozen. Since no other transitions involve the "interesting" places 
Py ++ Py ‘the marking of these places will not change anymore. But 
‘the "new" transitions 6. 6, (for n+1 Sir) can now be used to generate 


any arbitrary marking in the "uninteresting" places p eee PD.» thus 


n+1 
effectively 'erasing'' the information contained in these places. It 


follows that: 


R(B') = R(B)x {4,0} vu P_(R(B)) x we" x {,1)} 


-121- 


Recall that R(A') = R(A).x {(0,1)}. 
Thus: 
R(A') ¢ R(B') © R(A) © P (R(B)) x NTP 


Since, by definition (Definition 7.1), P,,(R(A)) is the smallest set such 
that R(A) © P (R(A)) x IN", this is equivalent to P_(R(A)) © 
P(R(B)). Hence: . | 
R(A') © R(B') #& P (R(A)) © P,(R(B)) 
Since we constructed an instance of the IP from the proposed SIP, 


we conclude that the SIP is reducible to the IP. 
QED 


Corollary 7.2: 
The IP is undecidable, 


This is Rabin's result, which he first obtained for Vector Addition 
Systems. As mentioned in Chapter 6, our proof is largely based on his 


original proof (1967) as modified in 1972. 


7.4 The Equality Problem (EP) 


The first mention of Rabin's Theorem, in Karp and Miller [33], was 
unfortunately misleading: Rabin was quoted as having shown the 
undecidability of the Equality Problem (for Vector Addition Systems). 
When we found out (at Rabin's talk at MIT in 1972 [56]) that the Equality 
Problem was still open, we became interested in this and other decida- 
bility questions. But it was not until October 1974 that the search was 
successful. 

The difficulty lies in the fact that Reachability Sets are not known to be 
closed under union, as opposed to projected Reachability Sets, as 


mentioned in section 7.2. We got around this difficulty by controlling the 
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non-projected coordinates in such a way as to make the equality of the 


Reachability Sets depend only on the projected Reachability Sets. 


Theorem 7.3: 


The Inclusion Problem is reducible to the Equality Problem. 


Suppose we are given two r-place Petri nets A and B. We wish to 
test whether R(A) © R(B). We shall construct from A and B two 
Petri Nets D and E such that: 

R(A) © R(B) * R(D) = R(E) 
Both nets D and E will be constructed from a common net C which, in 
a sense, encodes the union R(A) U R(B), and we shall use the fact 


that: 
R(A) © R(B) # R(B) = R(A) U R(B) 


Petri Net C is constructed as follows: First, we identify the places 
of A with the corresponding places of B. This produces the first r 
places of C. Then we adda "run" place Prot for the transition of A 
and a second "run" place p,, +2 for the transitions of B. Places 

Py e+* Prog mentioned so far are initially unmarked. Finally we add 
a "start" place P,,3° initially marked with one token, and two 
transitions 6, and @, (see Figure 7, 4). 

. Transition 6, transfers the ''start'' token from p,, 43 tO Py, and also 
deposits the initial marking of A into Py ees Pre Similarly, transition 
6, transfers the "start" token from p,,3 tO Py,» and deposits the 
initial marking of B into Py c++ Pye Thus, depending on whether 6, or 


a, fires first, C will simulate either A or B, and we have: 
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R(C) = ©)” x ,0,1) YU 
R(A) x 4,0,0) U 
R(B) x ©, 1,0) 


Now we can construct Petri Nets D and E as illustrated in 
Figure 7.5. Dis obtained from C by adding transition 83 which 


removes the token from p This can happen only if the first 


r+2° 
firing was @, and C was in fact simulating B. A firing of 6, thus 


produces only new markings of the form R(B) x (0, 0, 0), and we have: 
R(D) = R(C) U R(B) x ©,0,0) 


Petri Net E is obtained from D by also adding another transition, 


94. 


simulating A, and thus the only new markings are of the form 


which can remove a token from p 8, can only fire if C was 


r+1° 


R(A) x 0,0,0). Hence: 


u 


R(E) R(D) U R(A) x 0,0, 0) 


R(C) U (R(A) U R(B)) x 0,0, 0) 


Since no marking in R(C) ends in (0, 0,0), we conclude that: 


-R(D) = R(E) & R(A) € R(B) 
QED 


The combined result of Theorems 7,1... 7.3 and the trivial 


reducibilities is: 


Theorem 7. 4: 
The EP, IP, SIP and SEP are all recursively equivalent to each 


other, and are all undecidable. 
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In fact, we have proved a much stronger result, since the instance of 
the EP used in Theorem 7.3 is quite singular: The two Petri Nets 
whose Reachability Sets we compare differ only by the presence or 
absence of a single transition @,! 


Thus we may state: 


Theorem 7, 5: 
It is undecidable whether the removal of a particular transition 


in a Petri Net changes the Reachability Set or not. 


We should point out, however, that this result is not as drastic as it 
might seem: even though the set of reachable markings may not change, 
its connectivity, as determined by which marking is reachable from 
which other marking by which firing sequence, is usually quite changed. 
But we shall see that a similar question for Petri Net Languages is also 


undecidable (Chapter 10), 
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CHAPTER 8 
PETRI NET LANGUAGES: DEFINITIONS AND PROPERTIES 


8. | Labelled Petri Nets 

Until now, we have mainly been interested in those properties that are 
directly related to the reachable markings of the net. In effect, for a 
given Petri Net N with an initial marking Mo we have been studying the 
properties of the Reachability Set Ry(M)- | 

In many cases, however, it is the properties of the sets of firing 
sequences Sy(M) or Ty); M,) that are of interest. For example, if 
the Petri Net describes an asynchronous system, the various event 
occurrences in the system are represented by transition firings, and we 
may be interested in which sequences are possible from a given initial 
state. This involves a study of the set of firing sequences Sxq(M 9). 
Sometimes’ we would like to know which sequences can lead from the 
initial state to a given final state, represented by a final marking M-. 
In this case we must look at the set of terminal firing sequences 
Tyy(M g» My). 

In order to relate the various transitions to the events whose 
occurrence their firing represents, we attach labels to the transitions. 
If t is a transition, then its label A(t) represents the event whose 
occurrence (in the system) is modelled by a firing of t (in the Petri Net). 
Now, if each transition received a distinct label, the labelling would add 
nothing new. The advantage of using a labelling function lies in the fact 
that we can model a Single event by several transitions, and thus 
represent the case of an event which may occur under different circum- 
stances, even if the corresponding markings are incomparable. 


The labelling function also permits us to distinguish between ''visible'' 
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and "invisible" transitions, for example in the description of the input- 
output behaviour of a system, where "internal" events are to be ignored. 
Just as we use submarkings to distinguish between "interesting" and 
"uninteresting" places when we study Reachability Sets, me use the 
notion of \-transitions to represent the “invisible” transitions. Their 
label is the "' empty" label \, which is another way of saying that they are 


unlabelled. 


Definition 8.1: 
A Labelled Petri Net A = (N,@, A) over an alphabet Qis a Petri 
Net N = (il, 2, F, B, M,? together with a labelling function 
A; 2+. IfA is total, the labelled net is said to be \-free; if 
A is partial, those transitions which have no label in Mare 


called )\-transitions. 


Definition 8.2: 
The label sequence A() corresponding to a firing sequence 
a € = is defined recursively as follows: 
A(\) = 2 
A(ot) = if t is labelled then A(@) - A(t) 


else A(o) 


Thus, )-transitions in firing sequences transform as if their label was 
the empty string A. 

Now that the labelling function A has been defined for strings 
(A: L* 4 a), we can extend it to sets of strings in the natural way. In 


particular, we use the following notation: 
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Let A be the labelled Petri Net (N, @, A): 
Pa * * 
S,(My) = {x €@ |go €S (My) x =A@)} 
* 

T,(Mp,M,) = {x € 0c |qo € Ty(My,M,): x = A@)} 
The set S a(M) is called the prefix language of the labelled Petri Net 
A (for initial marking Mo)s The set Ta(Mp, M,) is called the 
terminal language of A (for initial and final markings M, and M,). 


Definition 8. 3: 

| (a) x is the class of all prefix languages generated by )-free 
‘labelled Petri Nets. | 

(b) he is the class of all prefix languages generated by 
unrestricted labelled Petri Nets. 

(c) Ly is the class of )\-free terminal languages generated by 
\-free labelled Petri Nets. 

(d) — is the class of terminal languages generated by 


— 


unrestricted labelled Petri Nets. 


Remark: 

2 )- Languages (part (c) of the above definition) are required to be 
A-free (i. e. they contain no words of length zero) to ensure the 
closure under union of the class Lo Thus T ,(Mp, M,) is in Lo only if 
My # Mo: The restriction is not as severe as itseems: For every 
language T,(M, M) (called a cyclic language) there exist A’, Mo and 
M} such that T,(M,M y= fx} u T ,.(M}, M}) and My 7 M,. Fora 


further discussion of this point refer to Hack [24]. 


Figure 8.1 summarizes Definition 8.3, It is clear from the definition 
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8.2 Standard Form 

For many proofs and constructions it is useful to impose certain 
constraints on the Petri Nets used to generate a given language. We are 
of course mainly interested in constraints which do not restrict the class 
of languages that can be generated, If a certain set of constraints is 
particularly useful, it makes sense to define a Standard Form for 


language~generating Petri Nets: 


Definition 8, 4: . 

A Labelled Petri Net A is said to be in Standard Form iff it 

satisfies the following constraints: 

(a) The initial marking M, is standard and consists of exactly 
one token in a designated "start" place, and — tokens in 
all other places. Since My is understood, we shall use S A 
instead of Sq(Mj) for the prefix language of A. 

(b) For defining the terminal language of A, the final marking is 
standard, and is the zero marking: M 7 0. We shall use 
T, instead of T AMy- 0) if My is the standard initial marking. 

(c) No transition is firable at the zero marking, i. e. every 


transition has at least one input place. 


The following Standard Form Theorem asserts that these constraints 


do not change the classes of Petri Net Languages that can be generated by 


-132- 


nets in Standard Form: 


Theorem 8.1: 
For every Labelled Petri Net A with initial and final markings 
My and M there exists a Labelled Petri Net B which is in 
standard form, and which generates the same language as A: 


T a(Mo, M,) = T (assuming M, # M,) 


B 

Let A = (N,@, A) andN = (1,2, F,B,Mo), with M = {p,... p} 
and D =. {t, ves tJ. 

Let us also assume that every transition t € Z has at least one 
input place in fl, This can always be guaranteed by including a "run" 
place which self-loops on every transition in 2, and which contains 
one token at all markings, including My and M f Such a "run" place 
does not change the firability or the result of a firing of any transition, 
and hence does not affect any firing sequences, 

We shall transform N into a new net N! by adding a new place - the 
“start! place py - and a number of transitions. The standard initial 
marking Mj consists of one token in the ''start" place Po and zero 
tokens in all other places (II). 

(a) To satisfy condition (a) of the Standard Form, we add, for each 


transition t which could fire in N at My (i.e. for which M = F(t,)), 


0 
, a new transition u whose only input is the ''start'' place Po» and 
whose output places are such that the marking resulting from a 


firing of ti at the standard initial marking is the same as that 
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resulting from a firing fo t, at Mo: 
B(t!) = My - F(t.) + B(t,) 
The label of u is the same as that of ti It is now easy to see 
that every label sequence A(@) of A, corresponding to firing 
sequence 0 € S.(Mj), is also generated by the firing sequence 
ore Syyi(M) which differs from ¢ only in the first firing where 
Some t, has been replaced by th. Conversely, every firing 
sequence of N' must start with a firing of some u, Since all 
t,-transitions are disabled at Mj: no place in ll is marked at M}. 
(b) To satisfy condition (b) of ine Standard Form, we add, for each 
transition t which could fire last in a terminal firing sequence of 
N (i.e, such that M, = B(t,)), a new transition ts labelled like ti, 


and such that B(t:) = 0 and F(t’) = M,- B(t,) + F(t,). This implies 


f 
that t;' is firable only if t, is firable (by construction, F(t:) = F(t,)), 
and that a firing of ty reaches the zero marking iff a firing of t 
reaches M;- Thus no new label sequences are obtained, and 
every terminal firing sequence 0 of N can be replaced by a 
terminal firing sequence 9' of N' by priming the first firing of 9 
(replacing t, by tt) and by double-priming the last firing o - 
provided the length of ¢ is at least 2, Since M, # Mg by 
assumption, the only remaining case is a terminal sequence of 
length one, i.e. transitions t, such that Molt,) M5. For such a 
1, we add tw labelled like t whose sole input place is the "start" 
place Po» and which has no output places: Molt") 0. 

(c) Since all new transitions have input places if all old transitions 


have input places (as assumed), condition (c) of the Standard 


Form is also satisfied. | 
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The new Labelled Petri Net B consists of the, modified net N', and 
its labelling function is the extension of A which assigns to each new 
transition (ti or t; or tm) the label of the old transition (t;) to which it 
is due. B is in Standard Form by construction, and has the same 
prefix and terminal language as A. 


s 


QED 


Figure 8.2 shows a Labelled Petri Net A and the corresponding net 
in Standard Form obtained by the construction above, B. For a more 
detailed discussion of Standard Form Labelled Petri Nets, refer to 


Hack [24]. 


8.3 The Relationship Between Prefix and Terminal 
Petri Net Languages 


It is not difficult to add )-transitions to a Labelled Petri Net such that 
the zero marking becomes reachable from every marking, without 
changing the prefix language generated by the net. For example, if we 
have a"'run' place which self-loops on all "old" transitions of the net, 
we may add to every place a A-transition which can remove any or all 
tokens, and a "clear" place which self-loops on all these new )-transitions. 
The "run" token can be transferred by a )-transition to the ''clear" place 
and later absorbed by another )-transition, Now the "old" transitions 
can be frozen after any firing sequence, after which the zero marking 
can be reached via A-firings exclusively. 

In fact, the sequencing control of the "run" and "clear" places is not 
needed, The new )-transitions may be fired at any time to reduce the 
marking of the net. This does not change the set of label sequences that 


can be generated, because, by the containment property (Theorem 2. 1), 
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any firing sequence possible at the smaller marking can also be fired at 
the larger marking. 

We have just shown that 2 c ¥\, But the same principle of being 
able to reach arbitrarily small markings by the same label sequences as 
in the original net can also be eaetied out without introducing new 


A-transitions. 


Theorem 8.2: 
For every Labelled Petri Net A there exists a Labelled Petri Net 
B. whose Prefix and Terminal Languages are equal, up to j, to 
each other and to the Prefix Language of A, and such that B is 


x-free if A is \-free: 


S,(M)) = Sq(M) 
Tp(My,0) = S,(M,)- fA} = S,(My)- f) (if A is d-free) 
Tp(Mo, 0) = S,(Mp) = Sp(M) (if ,-transitions are 


allowed) 


Proof") 

The Labelled Petri Net B is obtained from A by adding new 
transitions. No new places are added, and the initial marking is 
unchanged. The terminal marking for B will be the zero marking. 

Let & = {t, ... t,} be the set of transitions of A (the "old"! 
transitions) and let A be the labelling function. Each t, € Z is 
replaced by the set of transitions (@/ |F(ql) = F(t,) & B(8}) < B(t,) 
& A(@3) = A(t,)}. Here, j is simply an extra index to distinguish 
between the various "new" transitions corresponding to a given "old" 


~ j 0. 
transition, and one 6i, say 6., is an exact copy of t. The "new" 


*) This proof is based on an idea of J.L, Peterson [25] 
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transitions are firable at the same markings as the "old" transitions, 
but they may "lose" any or all the tokens they would deposit. If 
we now consider an arbitrary firing sequence of the 'new'' transitions, 
say M,oM', then the corresponding firing sequence 9 of "old" 


transitions - obtained by replacing each o-firing by at,-firing - is 


i 
also firable and leads to a larger marking: Mjp®)M & M 2M'. 
Conversely, if we are given an "old" firing sequence 0 such that 
M,)M, we may replace it by a "new" firing sequence where, at each 
step, we choose the "smallest" ai capable of being followed by the 

rest of the firing sequence. The last firing will then reach the zero 
marking. Thus no new label sequences are added, and any non-empty 


firing sequence can be replaced by a zero-reaching firing sequence 


which generates the same label sequence, 
. QED 


Corollary 8.1: 


te ar 
{L-fA} |L et} Ss Ly 


Figure 8.3 illustrates the construction of the proof of Theorem 8. 2. 


8.4 Closure of Petri Net Languages under Union and Intersection 


The closure properties of Petri Net Languages are discussed in detail 
in Hack [24]. For the purpose of studying the Decidability Questions of 
Petri Net Languages (Chapters 9 and 10), we only need closure under 


Union and Intersection. 
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Theorem 8.3 
Given two Labelled Petri Nets A and B, there exists a Labelled 
Petri Net C which is )-free if both A and B are ees and 
whose language is the union of that of A and that of B: 


Ss, US 


So A 


af 


B 


To A U Tp 

To establish the closure of £ : Lo Lt, Fh under union it is 
advantageous to use Labelled Petri Nets in Standard Form. 

We recall that a net in Standard Form has a "'start'' place, which is 
the only place marked initially, and a standard final marking, the zero 
marking. Suppose we are given two nets A and B, generating S A and 
Ss respectively, as prefix label sequences (f, LA) or T ‘A and Ty as 
terminal label sequences (£5. P al ), We then construct a new net C 
by juxtaposing the two nete A and B, and by identifying the two "start" 
places; the resulting net has thus one "'start'' place and may have two 
"run" places. We note that if A and B are )-free, then so is C. An 
example is shows in Figure 8. 4. 

The resulting net can easily be seen to satisfy the Standard Form 
conditions, and its label sequences are either those of A or those of B, 
depending on the first transition firing. The same applies to terminal 
sequences, since one portion of the net (corresponding to the language 
not simulated) retains its zero initial marking, and reaching the zero 
marking is thus the same as reaching the zero marking in the "active" 
portion of the net alone. 


QED 
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Corollary 8.2: 
The language families 2, L o x, ee are closed under union. 


Theorem 8, 4: . 
Given two Labelled Petri Nets A and B over the same alphabet, 
there exists a Labelled Petri Net C which is A-free if both A and 
B are )-free, and whose language is the intersection of that of A 


and that of B: 


Suppose we are given two Labelled Petri Nets A cid B. . Let us 
first consider the case of £>-1anguages. We shall construct a 
Labelled Petri Net C such that its firing sequences correspond 
precisely to label sequences commonto A and B. As a first step, 
we shall combine A and B in a way which forces them to generate the 
Same strings. To do this, we juxtapose A and B (each with its initial 
marking). We add a new place % and, for each symbola € (the 
alphabet 2 is common to A and B), a new place m. Initially, 7%) has 
one token, all other 7-places are blank. 

As shown in Figure 8.5, we connect 1% as an input to each labelled 
té Las and as an output to each labelled t € 4. For each symbol 
a ao we connect 7, as an output to each a-labelledt € Z,, and as an 
input to each a-labelledt € ua. A-transitions in Z, or L, are not 


connected to the 7-places. 


This arrangement enforces a strict alternation between labelled 
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firings in A and B; )-firings are ‘iat restricted. Each labelled 
firing in A is furthermore necessarily followed by a similarly 
labelled firing in B. Ina sense, the f-places "remember" which 
symbol was last generated in A and enforce the repetition of this 
symbol in B before returning a token to T os As a result, the even- 
length label sequences of C are precisely those obtained by repeating 
twice each symbol from a label sequence that could be generated by 
both A and B. If we now remove the labels from all transitions in 
Las we will in effect erase the first symbol in each such repetition. 

Our construction for the intersection of two £4 -languages consists 
thus of a Labelled Petri Net C, as described abeve, where all 
transitions in Za have become A-transitions. Then we have 

So = § A n Sp 

In the case of two £-languages, both nets A and B are to reach a 
final marking. Let the final marking of the net C, constructed as 
above, be the juxtaposition of the two final markings, and one token in 


uh and zero tokens in the other f%-places. Then it is clear that: 


This proves the theorem for £* and £* 
The situation is more complicated in the case of Ly and Y-languages. 
If the original nets A and B don't have A-transitions, the net C resulting 
from the previous construction will have \-transitions, namely all the 
La -transitions. However, each A-firing will be immediately followed 
by a labelled firing. We will show how to combine these two firings 
_into a Single labelled firing. 
Figure 8.6 shows the portion of the Labelled Petri Net C of 


‘Figure 8.5 that is connected to 1, 
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We see that any a-labelled firing (t. or t,) is always preceded by a 
firing of t, or ty. There are four (2 X 2) possible combinations: 
tate. toto» tite, tity» each generating the symbol a. Thus, we can 
eliminate the A-transitions by replacing ts, ty. tg, t, with four new 
a-labelled transitions which have the same effect as the combined 
firings totge toty 933 this eliminates place 7. 

This reduction can be applied to all other T-places, except 7 0 
which remains as a marked self-loop on all new (combined) transitions, 
like a "run" place, 

Figure 8.7 shows the result of eliminating place Jn from the 
partial net of Figure 8. 6. | 

This construction shows that, if both A and Bare A-free, we can 
transform C into a \-free Labelled Petri Net whose 2 or £o- language 


is the intersection of the corresponding languages for A and B. 
QED 


From this we may conclude: 


Corollary 8.3: 


The families 2, 2 0° LA, 2A are closed under intersection. 
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CHAPTER 9 
PETRI NET LANGUAGES: MEMBERSHIP AND EMPTINESS PROBLEMS 


9.1 Membership Problems 


The membership problem is the question of deciding whether a given 
string can be generated by a given Labelled Petri Net. In the case of 
A-free nets, the problem is trivial: Each label sequence can be 
generated by only a finite number of firing sequences, all easily obtained 
from the given label sequence. And it is clearly decidable whether a 
given firing sequence can be fired from the initial marking, and whether 


it reaches the final marking; just try to fire it! Thus: 


Theorem 9.1: 
The membership problem for £ go languages and for £ -languages 


is decidable. 


In Hack [24] we show that £- and £ go” languages are effectively context- 
‘sensitive. This of course also implies the decidability of membership. 

The case of {-1anguages iS more interesting, because a given label 
Sequence may correspond to infinitely many different firing sequences. 


But this case is also decidable. 


Theorem 9.2: 


The membership problem for 2£-languages is decidable. 


Proof: 
anes 


We shall reduce this problem to the coverability problem 
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(Chapter 3). Suppose we wish to decide whether a string, say "abac", 
is in the Li- -language of some labelled Petri Net A. Let us construct 
a Petri Net B which spells out the string "abac", as shown in 
Figure 9.1; it is a trivial Finite-State Machine. Place Pe will 
receive a token if and only if the string "'abac" is actually fired. 
Now let us perform the intersection construction of Section 8. 4 for 
the two nets A and B, as is indicated schematically in Figure 9. 2. 
Now the test place Ps of B may eventually receive a token if and 
only if abac €S A: But it is decidable whether Ps may ever get a 
token, by Corollary 3.1(d). Hence membership in S a is decidable. 
QED 


The construction used in the preceding proof can also be used to test 
for membership in the £ language of a Labelled Petri Net such as A, 
But, in this case, the test string "abac"' is in T A only if it is possible to 
reach the final marking of A while getting a token into the test place P5- 
In other words, we must test whether this combined final marking is 
reachable in the net of Figure 9.2: This is the Reachability Problem. 

As it ieee out, the Reachability Problem is also reducible to the 


membership problem for sd ~languages: ~ 


Theorem 9.3: 
The membership problem for sp languages is recursively 


equivalent to the Reachability Problem. 


Proof: 


The reduction of the membership problem to the Reachability 
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Problem was illustrated above by means of the same construction as 
in the previous proof. | 

To prove the reverse reducibility, .we will show that £\-languages 
can suitably encode Reachability Sets. 

Let A be a GPN with places Py -+s Py whose Reachability Set is to 
be encoded. Let B be the labelled GPN obtained by leaving all of A's 
transitions unlabelled (\-transitions) and by adding a "run" place uf 
which self-loops on every transition in A, a set of n places 7, ee 


n 


a set of new A-transitions 4, ooo G, a Set of n labelled transitions with 


labels a, ... as and a''stop" \-transition. See Figure 9.3. 


1 


The initial marking Mj consists of the initial marking Mo of A for 


the old places Py -++ Pp» one token in 1% and zero tokens in 7 7 


pee nN 
The new )-transitions @, transfer a token from 7, _, to 1; "stop" 
removes a token from ae Each a,-transition self-loops on 7. and 
removes one token from P;. 

While 1% has its token, A fires as it did before being modified, and 
reaches some marking M ¢€ R (My) before 6, fires. Now the only way 
to reach the zero marking in the modified net B is to fire the firing 


M(py) , _M(po) M(pp) ,, 
sequence 9,34 6,25 cee 9.8 


stop", Therefore, the 
Y}-1anguage of B encodes the reachability set of A as follows: 
T3(M}, 0) = ies ay? cee aan (x), ee x, € R ,(M,)} 
We may now use this encoding to test whether a marking is reach- 
able in A: We test whether the corresponding string is in TR 
| QED 


9,2 Emptiness Problems and Finiteness Problems 


The Emptiness Problem asks whether the language generated bya . 
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given Labelled Petri Net is the empty set, i.e. whether the net generates 
any strings at all. 

This question is moot for prefix languages (% and £4), since these 
always contain at least the empty string. And if we ask whether the 
prefix language contains strings other than rX, it is sufficient to ask 
whether it contains strings of length one, which is simply a finite number 
of instances of the decidable membership problem for prefix languages. 

In the case of terminal languages (Ly and 2), we ask whether the set 
of terminal strings T, (Mj, M,) is empty for a given Labelled Petri Net 
A= W,@,A). But this is precisely the Reachability Problem for Petri 
Net N, because, regardless of the labelling A and the alphabet Z, we 
have: 

Ty(Mp,M,) = 9 © Ty(MyM,) = 9 @ My, €RA(M)) 


Thus: 


Theorem 9, 4: 
The emptiness problem for terminal Petri Net Languages 


(Lo and zs) is recursively equivalent to the Reachability Problem. 


Finally, let uS mention the Finiteness Problem, where we ask whether 
a given Labelled Petri Net can generate infinitely many distinct label - 
sequences. ‘ 


For prefix languages we have: 


Theorem 9.5: 


Finiteness is decidable for prefix Petri Net Languages (£ and), 
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Let A be a Labelled Petri Net. Then S, is infinite iff it contains 
arbitrarily long label sequences. Let us add to the Petri Net a 
"count" place which receives a token from every labelled transition. 
This place is bounded iff the prefix language is finite. But | 


boundedness is decidable (Theorem 3, 4(b)). 
QED 


So far, not much is known about the finiteness of terminal languages. 


But we have: 


Theorem 9.6: 
The Reachability Problem is recursively reducible to the 


Finiteness Problem for terminal Petri Net Languages (Lo and th), 


In the light of Theorem 9, 4 it is sufficient to reduce the Emptiness 

Problem for terminal languages to the corresponding Finiteness 
_ Problem. | 

Let A be a Labelled Petri Net in Standard Form. Addtoita 
labelled transition which self-loops on the "start'' place. This does 
not affect the reachability of the final (zero) bering: but if a terminal 
label sequence exists, then arbitrarily long terminal sequences can be 
obtained by first firing the new transition arbitrarily often: The 
language of the modified net is infinite iff the language of the given net 


is non-empty. 
QED 


“102° 


Summary of the results of this chapter (the abbreviations speak for 


themselves): 
Et decidable 
Xx . 
e7 decidable 
€ Lo decidable 
€ a. equivalent to RP 
Ore trivial 
g vr trivial 
i) Saee equivalent to RP 
) noe equivalent to RP 
of decidable 
o oA decidable 
ey Be RP reducible to it 
ro) be RP reducible to it 
Note: 


The results of Chapters 8 and 9 pertaining to the class£, have 


been obtained independently by Peterson [52] in 1973. 
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CHAPTER 10 
PETRI NET LANGUAGES: EQUIVALENCE AND INCLUSION PROBLEMS 


10.1 Petri Net Languages can Encode Polynomial Graphs 


We recall that the graph of a diophantine polynomial (non-negative 
integer coefficients) P(x, ae x) is the set: 
GP) = (4), ..., x.y) ENT lye Plx, ... x.) 
In Chapter 7 we showed that Petri Nets could encode polynomial 
graphs in terms of projected Reachability Sets. In this section we show 
how to encode polynomial graphs by means of £-languages. 


A natural way to encode sets of vectors over the integers into 


languages is to use the Parikh mapping: 


Definition 10.1: 

(a) The Parikh mapping for an alphabet @ = fa, ies a! is a 
function #: Qf + IN" such that # (w) is a vector whose it” 
coordinate expresses the number of occurrences of symbol 
a; in string w. 

(b) The Parikh mapping is extended to languages in the natural 
manner: : 


Lod: #(L) = {v € IN" law € L: V = #(w)) 


Now we shall prove that polynomial graphs can be encoded as the 
image under the Parikh mapping of an L-type Petri Net panguase: The 
coding is shades such that there is exactly one language which encodes a 
given polynomial graph. Each vector in the polynomial graph corres- 
ponds to a set of strings, and the language is the disjoint union of these 


sets of strings. 
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Theorem 10.1: 
For every diophantine polynomial P there exists a )-free 
Labelled Petri Net A such that the £-language of A encodes the 
graph of P via the Parikh mapping as follows: 


S A is the largest subset of the regular language 


(a, +a... + ay. (a * such that 


2 n+1 


#(S,) = G(P) 


Let B be a Petri Net Weak Computer (A-free and prefix) for the 
polynomial P, as described in Theorem 6.2. We construct the 
Labelled Petri Net A by adding transitions A, ... 6 one for each 
"input" place of B. Each transition 6, self-loops on the "begin" place 


and depoSits tokens into the thn 


input" place, corresponding to 
variable x,. All transitions of B (the "old" transitions) are labelled 
antl’ and each "new" transition 6; is labelled a Thus all 
transitions of A are labelled, and A is \-free. (See Figure 10.1.) 
The initial marking of A is the standard initial marking for B (as 
constructed in Chapter 6), with one token in the ''begin" place and 
zero tokens in the n "input" places. One property of Petri Net B is 
that none of its transitions (the "old" transitions, labelled ay 41).can 
fire until one of them has removed the token from the "begin" place, 
and that once this token has been removed, the "begin" place cannot 
become marked again. This means that all firings of the "new" 
transitions 4 must precede all firings of the "old" transitions. Thus 
S 


c (a, +a pees +a)’ (a 


A 2 


the number of firings in B be no more than the value of the polynomial 


* e e .J 
Ferre) }, and the only restriction is that 
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input x, m 


all "old'' transitions are 
labelled a 


ntl 


Figure 10.1 
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P for the argument generated by the preceding 9-firings: 5, is 
indeed the largest language satisfying the sequencing eevuitement 
above such that #(S,) = G(P) 

QED 


Remark: 
(a) The construction is not essentially different from that used in 
section 7.2 for projected Reachability Sets. 
(b) Since every prefix language is also a terminal language (up to }), 
we can also encode polynomial graphs as Lo gr or £-languages, 
except that this encoding leaves out the zero vector in the case of 


Lo: 


10.2 Undecidable Equivalence Problems 


In this section we Shall establish the undecidability of various 
Inclusion and Equivalence Problems by reducing the undecidable 
Polynomial Graph Inclusion Problem (PGIP) to them. The undecidability 


of the PGIP was established in Theorem 6.1. 


Theorem 10. 2: 
The Equivalence and Inclusion Problems for Petri Net Languages 


it, £ 0° ph and xh) are undecidable. 


(a) The Inclusion Problem for Y-languages is undecidable: Let P 
and Q be two arbitrary diophantine polynomials, and ask whether 
G(P) © G(Q) (The PGIP). Theorem 10.1 asserts the existence 


of two X-free Labelled Petri Nets A and B such that: 
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G(P) 
G(Q) 


#(S,,) 


Both S A and Sp are the largest subset of the regular language 
(ap t.ee + a.) (a, sq satisfying the palynomiiel constraints 
above. . 
Therefore G(P) © G(Q) # S, ¢ Sp and the PGIP can be 
reduced to the Inclusion Problem for £ -languages (IPL). 
(b) By Theorem 8.2 there exist \-free Labelled Petri Nets A' and B' 
whose terminal (Ly-) language is the same as the ~-language of 
A and B, up to the empty string ). Since the zero vector #()) 
is always in both G(P) and G(Q), we also have: 
G(P) € GQ) # Ty, S Ty, 
Therefore the Inclusion Problem for £ g7 languages is also 
undecidable. 
(c) Since ¥ c L* and L = 5 the Inclusion Problem is undecidable 
for all Petri Net Languages (¢, £ 0° 2 and £4 -languages). 
(d) Since all four families @, Lo L> and 2) are effectively closed 
under union (Theorem 8.3 and Corollary 8.2), the undecidability 


of inclusion implies the undecidability of equivalence for &, 2 0° 


ir and aa 
QED 


Now we shall investigate to what degree the language generated by a 
Petri Net depends on the structure of the net. We shall see that the 
generated language is quite sensitive to minor changes in the structure of 
the net. indeed: it is undecidable in general whether such small changes 
in the net also induce a change in the language. This recalls a similar 


situation for Reachability Sets (Theorem 7. 5). 
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Theorem 10. 3: 


It is undecidable whether the addition or removal of a given 


transition changes the language (prefix or terminal) of the net. 


Proof: 


Consider the Labelled Petri Net C of Figure 10.2. It contains two 


components A and B which are assumed to be in standard form, with 


respective "start" places p, andp,. These places are connected to 


a new "'start C" place Pp, by transitions t, and t,, both labelled c, 


where c is a new symbol not in the alphabet of Aor B. The initial 


marking of C consists of just one token in its "start" place, Pz. 


We have: 
To = ce (Ty U Ty) 


Let C' be obtained from C by removing to. Now B cannot be started, 


and we have: 


Hence: 


Sa, = fA} Uc+ Sy, 


Tas eR 
Ge PE ApS SA 
se er ee i 


In other words, the inclusion problem for the languages of A and B can 


be reduced to the equality problem for the languages of C and C’, 


which differ only in the presence of transition to: 


QED 


Corollary 10.1: 


It is undecidable whether any of the following changes affects the 
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Cor Ct: 


"start C" (C' is the same as C, but without ty) 


"start A" 


AzT, U {3} 
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language generated by a Labelled Petri Net: 

(a) changing the initial marking by one token 

(b) (for £ 0° Pde ): changing the final marking by one token 
(c) removing a place 

(d) removing or changing the size of an arc 


(e) removing or changing a label on a transition 


All these cases can be transformed into the removal or addition of a 
transition, as in Theorem 10.3. We leave the details of the 
construction to the reader as an instructive exercise. (Cases (a) 


and (c) are discussed in Hack [24]. ) 


Finally, we recall that every prefix language can be generated by a 
net whose prefix and terminal languages (up to ) in the case of Ly) are 
the same. But in general, for a given Petri-Net, we cannot determine 
whether the prefix and the terminal language of the net are the same 


(up to in the case of L,): 


Theorem 10. 4: 
It is undecidable whether every non-empty prefix label sequence 
of a Labelled Petri Net is also a terminal label sequence of the 


same Net. 1 


Proof: 
Consider the Labelled Petri Net Dof Figure 10.3. It is obtained 


from C (in Figure 10.2) by adding an output place p 4 (initially 


f 
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unmarked) to t, and a third transition t,, also labelled c, which 
simply may remove the "start" token from Pg, the "start D" place, 
Without loss of generality (Theorems 8.1 and 8.2) we choose A 
such thatS, = Ty, U {yl. 
We have: 
| Sp = &} Uc U c+ (8S, U S,) 
Since ) € Sas we can rewrite this as: 
Sp - fi} = e+ (S, U SQ) 
Let the final marking of D be the zero marking. Because of p,, no 
terminal sequence can fire tye Thus: 
Tp = ¢ Uc+T, = c+ (Ty vu fal) 
Because of our choice of A this is also: 


D ~ A 
In other words: 
and the undecidability follows from the undecidability of the inclusion 


problem for £-languages. 
QED 


10.3 The Equivalence Problem for Sets of Firing Sequences . 


The séts of firing sequences Sy(My) or terminal firing sequences 
Tq(Mo M,) can of course be regarded as Petri Net Languages of type & 
and & 0 respectively, by considering the Petri Net N to be a Labelled 
Petri Net where the alphabet is the set of transitions, and each transition 
is its own label. In Hack [24] we call such Labelled Petri Nets, where 
all transitions have distinct labels, Free-Labelled Petri Nets, and their 
languages, the Free Petri Net Languages, of type yi (prefix) or hae 


(terminal). 
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The Equivalence Problem for Sets of Firing Sequences is the problem 
of deciding, given two Petri Nets N and N' and a bijective correspondence 
between their transitions (for purposes of comparing firing sequences), 


whether Sqyi(M (Mp) or Ty(M 9. M,) = Ty (Mp, M;). In terms of 


o) = Sy 
Petri Net Languages, it is the Equivalence Problem for Free Petri Net 
Languages (of type gi or z): We also have the corresponding Inclusion 
Problems. We shall show that the Inclusion Problems for Sets of Firing 
Sequences are reducible to the Reachability Problem. If it turns out 
that this is decidable, then this will imply that Free Petri Net Languages 


are essentially less powerful than Petri Net Languages in general. (It is 


already known that some particular & p- languages are not Free. ) 


Theorem 10. 5: 
The Inclusion and Equivalence Problems for the Sets of all Firing 
Sequences (for L! -1anguages) are reducible to the Reachability 


Problem. 


It is sufficient to reduce the Inclusion Problem to a problem 
equivalent to the Reachability Problem, such as the Sub-Liveness 
Problem (SLP) for a given transition. 

Let two Petri Nets A and B be given, each with its initial marking, 
and let their sets of transitions be {c} ne ae and oy nee ths For 
the bijective pairing - = te » we ask whether Sa S Sp: 

We connect the two nets together in a new net C, as shown in 


Figure 10.4. The construction is based on that for the intersection of 


two languages (Figure 8.5): there is a control place uf (initially 
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marked with one token) and 'symbol-remembering" places ., one for 
each pair of corresponding transitions oe i If all 1. 1 Sin, are 
empty, then the firing sequence fired so far in A has been exactly 
echoed by B. 

The token in 1) can also be transferred to place m"' via transition 
| Y, and permanently enable the test transition 9, which self-loops on 
tT", 

It appears that the only markings of the new net C at which 9 is not 
potentially firable are markings with a token in some 7. 1 SiSn, at 
’ which the corresponding transition we is not firable. Such a marking 
is reachable if and only if there exists a firing sequence 9 in A, 
ending in which cannot be echoed completely by B: ¢ €S A Sp, 
and S A ¢ S.- 

Thus 6 is live iff S A Cc Sp and the inclusion problem for A and B 


can be reduced to the SLP for § in C. 
QED 


The inclusion problem for terminal firing sequences (£5) will also be 


shown to be reducible to the Reachability Problem. But in this case, 


the RP is also reducible to the equivalence problem: the RP for 


M, € Ry(M,) is the equivalence problem T,(M,y, M,) = $, because it is 


trivial to find a Petri Net N' such that T), = f. We have: 


Theorem 10. 6: 


The Inclusion and Equivalence Problems for Sets of Terminal 
Firing Sequences are recursively equivalent to the Reachability 


Problem. 
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We just mentioned the reducibility of the RP to the inclusion and 
equivalence problem. To show the reducibility of the inclusion (and 
thus also equivalence) problem to the RP, we reduce it to the SLP for 
a given transition @, as in the preceding proof, 
Let two Petri Nets A and B be given, with their initial markings, 
and let their final markings be MA) and M,(B), respectively. We 
construct a new net C as shown in Figure 10.5. It contains the 
construction of Figure 10.4, plus the following: 
- a place ™' which records he presence of a token in some . 
"symbol-remembering" piace 7, 1sisn. 

- for each component (A or B, indicated by subscript), a 
mechanism for testing whether the corresponding final marking 
M fA) or M,(B) has been reached. This consists of a transition 
8, which removes exactly MA) from the places of A, a place 
Ts which gets a token from Oa» and a set of transitions @, one 
per place of A, which can remove a token from uN only if the 
corresponding place of A still contains a token. A place Lae 
initially with one token, prevents 6 A from firing more than 
once. If A has reached a marking M(A) = M fA) then a firing 
of IN is possible and it disables all &-transitions. 

- The final-marking detectors are interconnected as follows: 

9, removes a token en TT, | 
The @-transitions return this token to 7. 

4B removes a token from 7,. 

The B-transitions return this token to ™,. 


- Finally, a transition y' removes a token from each of 7, Ty and 
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token directly from 7, to 7 an 


and drops a token in", whereas transition y" transfers a 


This construction works as follows, We start by firing only transi- 
tions in A, echoed in B. If at any time we fire y' instead of some ti 
we get a token stuck in 7', and 9 cannot cease to be firable: . is 
empty, and IN is disabled. 

If we fire y, we have previously completed and echoed some firing 


sequenced € S, N SL, reaching markings M(A) and M(B) in A 


B’ 
respectively B. 

The token now in T' may be stuck there if M(A) + M,(A), because 
then IN is not firable. Henceg ¢ T A and § cannot cease to be firable. 
If, however, M(A) 2 M,(A), we fire @,. The token can escape from 
7, if some @ is firable (M(A) ? M,(A)) or if 6, is firable 
(M(B) 2 M,(B)). If neither is firable, then M(A) = MA) and 
M(B) + M,(B), i.e. 9€T,- Ty. The token is stuck in 7, and 9 is 
not potentially firable: ® was not live at the initial marking. 

If we did leave 7, by firing some &, the token returns to 7" and 
is now stuck there, because IN has already fired (Ty is empty), and 
9 is permanently firable, 

If we did leave 7, by firing @,, we have M(B) 2 M(B). The token 
cannot get stuck in ™, because via y"' it can return to 7" and get stuck 
fee: with § permanently firable. But if some 8 is firable 
(implying M(B) > M,(B), i.e. o ¢ Ty) the token may return to T,. 
Since 6, has already fired, the token is stuck in 1, unless some @ 
is firable and returns the token to T"' where it must stay. Again, the 
token is stuck in 7, only if M(A) = M,(A), i.e. GQET, - T,. 


A B 
This description exhausts all possible firing sequences, and is 
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A and B have their respective initial marking. 


Places 1%: UN and 1, have one token each. 


Fire gin A 


and.echo it in B, 
reaching M(A) in A 
Echo 8 and M(B) in B.. 


Token stuck in 1) 
M(A) = M,(A) 
M(B) # M,(B) 


ae Ta - Tz 


8 is not potentially 


firable. 


Token stuck in 1" 
because 
M(A) # M,(A) 


@ is permanently 
firable. 


M(B) 2 M,(B) 


Fire B: 
M(B) > M,(B) 


Token stuck int" Token stuck in Lan 
M(A) = M,(A) 


M(B) > M,(B) 


because TA empty. Fire a: 


@ is permanently M(A) > M,(A) 


firable. o € Ta 7 T, 


6 is not potentially 
firable. 


Figure 10.6 
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summarized in Figure 10.6. It appears that a §-dead marking 
(where 9 is not potentially firable) can be reached if and only if 
ao € Ta - ot Transition 9 is live in the new net iff Ta ¢ Tp: 


QED 


Summary of the decidability results of this chapter: 


IPf, Lo: pr, bas undecidable 


) 
A yr 
BPE, Ly 0 £5) 


wy), epg! (firing sequences): reducible to RP 


IPL i, EPL) (terminal firing sequences): equivalent to RP 
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CHAPTER 11 
CONCLUSION: OPEN QUESTIONS AND CONJECTURES 


11.1 Is Reachability Decidable? 


The decidability questions considered in this thesis fall into three 
classes: decidable problems, problems equivalent (or reducible) to the 
Reachability Problem, and undecidable problems. One might call these 
the three Petri Net "degrees of unsolvability". The decidability of the 
Reachability Problem is of course the major open problem in this area. 
Its resolution will not only settle most questions considered in this thesis, 
it will have repercussions in several fields outside of Petri Net theory, 
because of the connections mentioned in Chapter 1. 

Problems equivalent to the Reachability Problem typically involve the 
existence of a firing sequence satisfying certain effectively testable 
conditions, such as reaching a given marking (RP) or some t-dead 
marking (LP). Now, we can enumerate firing sequences of increasing 
length and check whether they satisfy the required conditions. The 
question is: How long do we have to search before we may convince 
ourselves that no such firing sequence exists? In other words, is it 
possible to put a bound on the length of the shortest firing sequence 
satisfying the conditions, if such a sequence exists? We would expect 
such a bound to depend on the size of the Petri Net and of its initial 
marking. 

It is not difficult to construct a sequence of Petri Nets N; (f= D2) secs) 
of size k -i (measured by the total number of arcs, i.e. the sum 
u (F(p, t) + B(p, t)) over all places and transitions) and with initial 
markings of x tokens, such that the shortest firing sequence reaching the 


zero marking is of length proportional to x - 2*. In fact, a recent 
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construction by Lipton [39] can be adapted to Petri Nets to generate a 
sequence of nets N; such that the shortest zero-reaching sequence is of 
length proportional to x - 2? This very rapid growth suggests that the 
Reachability Problem, if decidable, may still be quite complex. Indeed, 
a direct consequence of Lipton's result is that the complexity of the RP 
is at least "exponential-space-hard" £39}, | 

In the preceding discussion, we have intentionally separated the size 
of the initial marking (x) from the size of the net (k -i). This is because 
of the following important observation: 

Every Petri Net.we have ever constructed, no matter how 
contrived, has the property that the length of the shortest zero- 
reaching sequence (or of the shortest killing sequence) is bounded 
by a linear function of the size of the initial marking. 

The failure to find a counterexample has never proved anything, but it 
can provide a strong hint. There seems to be a pattern among the ways 
the various Petri Nets allow a killing sequence (a firing sequence which 
reaches some t-dead marking) of length proportional to the initial 
marking, and it is not unlike the pattern of firing sequences used to cover 
a marking of a given size, as in Chapter 3. A detailed analysis of the 
construction of coverability trees shows that, ina given Petri Net, there 
exists a constant K such that if a marking M (of size lM |) is coverable, 

a covering marking can be reached by a firing sequence of length less 

than K - [M [. For a sequence of nets N; of size proportional to i, the 
corresponding constant K, may grow like 22° (again using Lipton's 
constructions), and the best known upper bound appears to be Ackermann's 
function of i (cf. Hack 24)). 


Our conjecture with regard to the Reachability Problem is then: 
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Conjecture: 


The Reachability Problem is decidable, because for a Petri Net of 
size y with an initial marking of size x we can determine a constant 
Ky Such that the zero marking is reachable iff it can be reached by a 


firing sequence of length less than K oa. 


11.2 Some Sufficient Conditions for the Undecidability of RP 


Given the versatility of possible Petri Net constructions and the 
surprising complexity of some of them, it is not unreasonable to Suspect 
the undecidability of the Reachability Problem. Some colleagues believe 
the problem to be undecidable, and in the course of this research the 
author's opinion has oscillated a few times between decidability and 
undecidability. 

The undecidability results we have proved so far rely on a Suitable 
encoding ofa polynomial graph G(P). Suppose we could similarly encode 


the complement of a polynomial graph: 


n+1 


G(P) = IN - G(P) = (<x)... x Yemn™Ml |y 214+ P(x, ... x) 


ny 


The PGIP can then be reformulated as the emptiness problem for the 
intersection of a polynomial graph and the complement of a polynomial 


graph: 
G(P) © G(Q) » GP) 1 GQ) = ¢ 


Since Petri Net Languages are closed under intersection (Corollary 
8.3) and since their emptiness problem is reducible to RP, we can assert: 
A sufficient condition for the undecidability of RP is the 

possibility of encoding the complement of an arbitrary polynomial 


graph as an £,-language by the mapping used in Theorem 10.1 for 
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polynomial graphs. ; 

A direct corollary of the preceding condition is: 

A sufficient condition for the undecidability of RP is the 
closure under complementation of the Petri Net Language family 
: (or the inclusion in xr of the complementation closure of &, 

PY or Lp). 

It is also possible to use the closure properties of the family Bd 
(see Hack [24]) to show that the complement of an arbitrary polynomial 
graph can be encoded (as in Theorem 10.1) in t iff the language 
fa*bY | y 2 x7] is an 2 -language. | 

A sufficient condition for the undecidability of RP is the 
existence of the language {a*b | y = x”) in ti : 

Finally, a Petri Net which generates the language {a*bY ly 2 x?} can 
be modified into a net where the length of the shortest zero-reaching 
sequence is proportional to the Square of the size of the initial marking. 


Compare this with the conjecture of the previous section! 


11.3 Decidability Questions for Restricted Classes of Petri Nets 
Although we defined both Generalized Petri Nets (GPN) and Restricted 


Petri Nets (RPN) in Chapter 2, all theorems in this thesis are true for 
GPN's as well as for RPN's, and the only proofs that need to be (slightly) 
modified are those of Lemma 4.4 and Theorems 7.3, 8.1 and 10.6. . 
This is why we simply say "Petri Net" instead of "Ordinary Petri 

Net", GPN, or RPN. 

The more commonly used "Ordinary Petri Nets" (section 2.2) have 
been subdivided into a number of classes in the literature, Such as 
Simple Nets, Free-Choice Nets, Marked Graphs or State Machines. 


Definitions and further references can be found in Hack [18]. 
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State Machines, and, in a more general sense, all bounded Petri Nets, 
behave like classical Finite-State Automata, and all problems considered 
in this thesis are decidable for this class of Petri Nets. 

Marked Grap hs are a subclass of the Persistent Petri Nets, and their 
mathematical properties have been extensively studied (Commoner [7 ]). 
Again, all problems are decidable, although languages generated by 
Marked Graphs have not been studied much (see, for example, Baker [3 ]). 

The Liveness Problem is decidable for Free-Choice Nets, because 
liveness in these nets depends only on simple structural properties, by a 
Theorem of Commoner (see Hack [18]). On the other hand, all 
constructions for Reachability and Equivalence can be carried out using 
Free-Choice Nets, and thus have the same status as for GPN's. 

Simple Nets include the Free-Choice Nets and have the same Reach- 
ability and Equivalence Problems as GPN's, Although there is a simple 
sufficient condition for liveness in Simple Nets, no useful necessary 
condition is known, and the Liveness Problem is unsettled. 

We have already mentioned (section 5.2) that the Liveness Problem is 
decidable for Persistent Nets, but Reachability and Equivalence are 
unsettled. 

Because of the remark following Theorem 5.2, the Reachability 
Problem and the Equivalence Problem for Live Nets are the same as for 
GPN's, é se 

Finally, let us mention the interesting class of Symmetric Nets, 
where for each transition t there is a "reverse" transition t' such that 
F(p, t) = B(p, t') and B(p, t) = F(p,t'). In Symmetric Nets every 
potentially firable transition is live, so liveness is decidable. Reach- 


ability is decidable because Symmetric Nets are closely related to 
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commutative semigroups (Cardoza [ 6 ]). 

Let us also mention in a few words some further generalizations (as 
opposed to restrictions) of Petri Nets. There has been some controversy 
about the modelling power of Petri Nets: Can they - or can they not - 
represent "all" synchronization problems (Patil [51]; Parnas [47]; 
Habermann (16])? It is implicit in his paper [16 ] that Habermann could 
only be satisfied by a formalism which has the power of Turing Machines. 
_A more reasonable approach is to check a number of classical synchron- 
ization problems. It then appears that all practical synchronization 
problems which Petri Nets fail to solve involve the notion of priority: 
certain things can happen only if no things of higher priority can happen. _ 
These problems can be solved if we modify the firing rule of Petri Nets 
to include zero-testing transitions or arcs, which are enabled only if 
their input place contains no tokens. The inability of Petri Nets to test 
for zero (for several reasonable definitions of ''zero-testing") follows 
from the containment property (Theorem 2,1) of Petri Nets (Keller [34], 
Kosaraju [37]). The inclusion of zero-testing arcs has been proposed by 
Agerwala [2 ], among others. By comparing the resulting "Inhibitor 
Nets" with Minsky's Program Machines (cf, section 1.3), it appears that 
these nets have the full power of Turing Machines. We have shown 
(Hack [24]) that priority firing rules have exactly the same effect, and 
that "Inhibitor Nets" and "Priority Nets" can be simply transformed into 
each other. It is not difficult to see that for these improved" Petri Nets 
most problems treated in this thesis, such as boundedness and reach- 


ability, are undecidable. 


11.4 Conclusion 


The subject of Decidability Questions for Petri Nets has by no means 
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been exhausted. There are a number of problems which seem to be 
more difficult than Reachability (i.e. reducibility is suspected in only one 
direction), for which we have not been able to prove their undecidability: 
Is the Reachability Set strongly connected, i.e. is every reachable 
marking also peachabie from every other reachable marking? Does 
‘there exist a live initial marking? Does the Reachability Set contain 
some live marking? Is every marking which agrees with a given 
submarking reachable ("strong submarking reachability; see the 
discussion following Definition 2.18)? These problems belong, for the 
time being, in a fourth Petri Net "degree of unsolvability", between RP 
and undecidability. 

The author's original goal was to settle the decidability of Reachability, 
and to develop insights into the complexities and possibilities of Petri 
Nets as a mathematical model. The first goal proved to be too 
ambitious; we only found relative reducibilities, as well as a number of 
new undecidability results (the various equivalence problems). We leave 
it to the reader to assess the fulfillment of our second goal, and wish her 


or him a successful investigation of the remaining open problems. 
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APPENDIX 


SETS OF VECTORS OVER THE AUGMENTED INTEGERS 0 


In this appendix we shall prove various results presented in section 
2.6 concerning the properties of the complete lattice of vectors over the 
augmented integers Q and its non-complete sublattice of vectors over the 
non-negative integers IN. Completeness in this sense means that every 
subset of Q* has a least upper bound (lub) with respect to the partial 
order = for vectors. Let us first recall the relevant definitions (the 


numbering is as in Chapter 2): 


Definition 2.22: 
The augmented set of non-negative integers is the set 
= IN U {w}, where wis an element which behaves like an 
integer larger ‘ian any given integer and is characterized by: 
vn €N: wAn & W2En & Wtn = we Oem 2 we 


WtW = WwW WwW 


Definition 2. 25: 


A chain C © QQ” is a subset which is totally ordered under s, i.e. 


C = (Voge Vyreee View eed and V. 


S Aes a ye gta 3 
jt Le (for all j if C is infinite, 


or up to j = |C| - 2 if C is finite). 


Definition 2.26: 
A subset A © Q* is chain-complete iff, for every chain C C A, 


its least upper bound is an element of A: lub (C) € A. 
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Definition 2.27: 


ok 
A subset A © Q™ is monotone iff vV €A: Vis V >= VIéA. ) 


Definition 2. 28: 


A 
For asetA © ar, its set of maximal elements A is the set: 


A= (veéalgvi ¢€a: vi>v} 


Definition 2, 29: 


r ‘ 7 . ° 
For a'set A © Q', its chain-completion A° is the smallest 


chain-complete set containing A. 


The following Theorem forms the basis of many finiteness proofs: 


Theorem 2, 4: 


Proof: 


(a) 


(a) Every infinite subset of 2 contains an infinite chain. 


(b) Every set of mutually incomparable vectors in Q? is finite. 


Every infinite sequence of integers or augmented integers 
contains an infinite nondecreasing (scattered) subsequence, 
because if there does not exist a strictly increasing subsequence, 
there must exist some number (or W) which is repeated infinitely 
often, and whose repetition also forms an infinite nondecreasing 
subsequence. 

If we now have an infinite subset of Q*, we may arrange it into 
an infinite non-repeating sequence (Q" is denumerable). From 


this sequence we can now extract an infinite subsequence non- 


*) Such sets are also known as 'order ideals! ‘ 
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decreasing in the first éscédinate: from which we extract an 
infinite subsequence also nondecreasing in the second coordinate, 
and so on for all r coordinates. In this manner, we end up with 
a non-repeating infinite subsequence which is nondecreasing in 
each coordinate, and thus forms a chain. 

(b) A direct consequence of (a) is that every infinite subset of IN” 
or 9 contains distinct comparable elements. A set of 
incomparable vectors must thus be finite. 

QED 
Corollary 2.1: 
A set of maximal elements A, as defined in Definition 2.28, is 


always finite. 


Proof: 


Maximal elements are incomparable. 
QED 


The proof of Theorem 2,5 requires a few Lemmas. 


Lemma 2.1: 
IfAC Q isa chain-complete set, then: 


A 
VEA = (AV' EA: VS V') 


Given VV € A, letB={v' €A*|v'2v} NA. LetCc Bbea 
chain in B. Since B © A, Cis achain in A and, by chain-complete- 
ness of A, we have lub (C) € A. On the other hand, we have VV" € C: 


lub (C) 2 V" 2 V. Hence, lub (C) € B and B is chain-complete. 
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A A AN A 

We also have BC A. Indeed, suppose that V' € B but V' ¢ A, 

i.e., JV" € A: V" > Vt, Since V'' > V' 2 V, it follows that V" ¢ B, 
* A . 

implying v' ¢ B. 

Now, Zorn's Lemma assures that every chain-complete set 

A 

contains a maximal element, which implies B# 9: Thus: 


: A A 
VEA > AVI EBSA: Vi2zv 
QED 


Note: 
| This Lemma is actually a variant of Zorn's Lemma and is not 
restricted to A © Qn", fA c Q? it can also be proved directly by at 
most r induction arguments constructing infinite chains in A which 


eventually lead to a maximal element. 


For the following Lemma we need two functions f, g: IN x ar 4ar, 
Given an integer b and a vector V, f(b, V) is the result of replacing in V 
those coordinates which are not less than b by Ww, and g(b, V) is the result 


of replacing these same coordinates by b: 


f(b, V)(i) if Vii) 2b then w else V(i) 
1sisr; 


g(b, V){i) 


" 


if V(i) 2b then b else V(i) 


In other words, a vector V whose finite coordinates are less than b is 
characterized by f(b, V) = V, and if B © 9° is a set (necessarily finite) 


whose elements have no finite coordinates which reach or exceed b, we have: 


b is abound on ) 
the finite coordinates) © VV €B: f(b,V) = V 
of vectors in B ) 
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We interpret ''bound" in the exclusive sense: The bound strictly 
exceeds that which is Bounded: 

We shall show that in the case of the set of maximal elements A of a 
monotone set A, we can effectively find such a bound b by testing for 
membership in A. | | 

The following numbered, easily verified properties of the functions f 
and g will be used (%)" is the vector in IN” all of whose coordinates are 
equal to b). 

(1) f(b, V) 2 V 

(2) g(b,V) s V 

(3) glb, V) = &)* 

(4) f(g(b, V)) = f(b, V) 

(5) Vs v' » f(b, V) = f(b, V') 


Now we shall prove: 


Lemma 2,2: 
ifAc Q” is monotone and chain-complete, and A is the set of 
maximal elements of A, then b is a bound (in the strict, exclusive 
sense) on the finite coordinates of maximal elements iff: 


(*) vV s ©: VeEA = £b,V) EA 


if part: Suppose V ¢€ A and some finite coordinates reach or 
exceed b, i.e. f(b,V)#V. By (1), it follows that f(b, V)>V, and 
since V is maximal, this implies f(b, V) ¢ A, 

By (4), we also have f(g(b, V)) ¢ A, and by (3) we have g(b, V) = 4)”. 


But then the contrapositive of hypothesis (*) implies that g(b, V) ¢ A. 
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This, together with (2), contradicts the monotonicity we have 
assumed for A. (Note that chain-completeness is not required for 
this part. ) 
only if part: Since A is finite (Corollary 2.1), there exists a 

bound b such that: 

Vv cA > f(b,V) = V 
From Lemma 2,1 (which is where chain-completeness is needed) it 
follows that: 

vVveA >? FV! cA: vi2zv 
By (5) this implies f(b, V') 2 f(b, V), and, since v' € A: V" = f(b, V). 


Then f(b, V) € A follows from the monotonicity of A. 
QED 


Now we are ready to prove: 


Theorem 2.5: 
IfACc 9” is monotone and chain-complete, then its finite set of 
maximal elements A is uniformly reducible to A, and it 
characterizes A as follows: 


A 
A = {ve Qa? |Fvi eA; vi 2V} 


| Since A is monotone and chain-complete, we have ASA and: 
yw €Q"; (7v' €A: Vsv') > VEA 
Lemma 2,1 shows that the converse also holds: 
wea: VeA > (AV. EA: VV»), 
This proves the characterization of A by A, 


A 
To establish the uniform reducibility of A to A, we must show how 
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to generate exhaustively all vectors in A. Since A is finite 
(Corollary 2.1), there exists a bound b on the finite coordinates of its 
elements, This bound.can be found by testing larger and larger 
integers b for the property (*) of Lemma 2.2, which involves a finite 
‘and bounded number of membership tests in A at each step. 

Once a bound b has been found, only a bounded number of vectors 
are candidates for membership in A, For each candidate V, the 
following procedure tests whether V € A: Let U; be the vector 
U,(j) = if i = j then 1 else 0. Then 

[V eA & Wi, 1Sisr:; V+U,4V = V+U, €A)] @ [VE 4}. 


A 
This follows from the definition of A and the monotonicity of A. 
QED 


For the sake of completeness, it should be noted that the converse of 


Theorem 2.5 also holds, i.e. that: 


A 
A={VE ar lave € A: V' 2V} = A monotone and chain-complete. 


This is thus a useful characterization of monotone and chain-complete 


sets of vectors over the augmented integers Q. 


We shall now study the chain-completions of monotone sets. 


Lemma 2, 3: 


Let C be a chain in a monotone set A © a’, and let V = lub (C). 
Then we have: 


VV'ieN: visv => VIEA 


Proof: 


Whether C is infinite or not, it must contain a vector V'" such that 


vi! « Vv" < V, because each coordinate in the chain must eventually 
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reach or exceed the corresponding coordinate of V', which is finite. 
But this vector V" covers V' and, being in C, is an element of A. 


Since A is monotone, V' is also in A. 
QED 


Theorem 2. 6: 
The chain-completion of a monotone set A © Q* is monotone and 
consists exactly of the least upper bounds of all chains in A. (If 
A CNN’, then AS - A consists exactly of the least upper bounds 


of all infinite chains in A. ) 


(a) composition of AS; 

A® certainly contains all the lub's of chains in A. These lub's 
include the elements of A, which are the lub's of one-element chains. 
It remains to be shown that nothing else is in Ac, i.e. that the set 
A'=A vu {fall lub's of chains in A} is already chain-complete. 

If A! is finite, there is no contest, so let us assume that 
C= {V,,V,,...} ¢ A’ is an infinite chain in A’: V j: Viet > V5. 
Some of these we may have wW-coordinates. 


V, 


Let us scan along the sequence Vi ge cee 


and replace each y; 
by Vj as follows: 
vj = ¢oyF 


vj 71; 1S8isr; vii) = if Vv) = wWthen V fit 1 else Vi) 


‘ 
Fad 
These vectors Vi form a chain C'! ¢ IN’, and it is clear that C and 
C' have the same lub: V = lub (C) = lub (C'), Each vector V; € Cis 
thus covered by V = lub (C). But then Lemma 2.3 implies MG € A’, 


so that C! is also a chain in A' f. IN’, Now we observe that 
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AN wW™ = An IN’, because if the lub of a chain in A has no 
w-coordinates, it is the lub ofa finite chain, and hence an element of 
A. Thus C' is a chain in A, and its lub is in A': We have proved 


Ve A, and thus the chain-completeness of A', 


(b) monotonicity of AS: 

Let V € AS, and. let V' # V. From (a) it follows that there 
exists a chain C © A whose lub is V._ If we scan the vectors in C in 
increasing sequence, each coordinate must eventually reach or exceed 
any finite coordinate of V'. Let V'" € Cbea vector which covers V' 
in every finite coordinate of V', and let C'' be the chain of all vectors 
following V'' in C, so that lub (C") = lub(C) = V. Each vector in C" 
covers V' in the finite coordinates of V'. Now let C' be the chain 
obtained by replacing in each vector of C" those coordinates which 
exceed V' by the corresponding coordinates of V'. The monotonicity 
of A (recall that C'' © C © A) implies that C' C A, and clearly 


V' = lub (C'), Hence V' € A°,. and Ar is monotone, 
QED 


Corollary 2.2: 
IfAc IN’ is monotone, then A = A® N IN’, 


Proof: 
This follows from Theorem 2.6 and the fact that any lub which is 


not in A is the lub of an infinite chain, and thus contains wW-coordinates. 


QED 


Let us now recall the definition of agreement between two vectors 


Vv, Viié ar (Definition 2.15), expressed in vector notation: 
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V agrees with V', written V = V', iff the coordinates which are 


finite in both V and V' are equal in V and V': 


VeVi « (Vi, 1Sisr; Vli)+ Vi) #w > Vi) = Vi)) 


From this definition it follows that: 


Ven’, vi éN: Vaevie > V<vi 


Ven’, vi en: Vavi »® Ve=V! 


Then a characterization of chain-completion is given by: 


Theorem 2.7: 


Proof: 


(a) 


(b) 


The chain-completion A° of a monotone set A cS IN’ is such that. 


AS = {fveg’lyv' € Nw: viavV » Vi €é A} 


Let V € AS, V' € IN’ and V'wV. Then V' $V, and since A® 


is monotone (Theorem 2.6), V' € A®. Hence V' € Ac A IN’, 


which implies V' € A (Corollary 2.2). 


Let V be such that VV' € IN’; VieaV > V'€ A. Definea 


sequence of vectors V 


’ Vo --. Such that vi) = if V(i) = W then 
jelse V(i), 1<isr, Clearly, {V,,..., Vi ...}is an infinite 


chain whose lub is V, and such that Vi, Vi V, so that itis a 
chain in A, This implies V € A° by the definition of chain- 


completion. 
QED 


Finally, we have 
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Theorem 2.8: 
IfAc I is monotone, then there exists a finite set 
a c 
iV, acess v3 = A’, uniformly reducible to A’, such that: 
A={veN |VSV, or VSV, or ++. or VsV,) 


2 
Proof; 
This is a direct consequence of Theorem 2.5, Theorem 2.6 and 


Corollary 2.2. 
QED 


For results and proofs about semilinear sets, the reader is referred 


to Ginsburg and Spanier [14]. 


10. 


i 


12. 
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